Learn how to add static application security testing (SAST) to your CI/CD workflows to constantly verify code changes and improve application integrity.
Static Analysis Security Testing (SAST) in CI/CD: Why and How
Traditionally, and often unfortunately, organizations have treated security as a secondary and isolated process considered only at the end of the software development life cycle (SDLC). Noble as their intentions are, it can be frustrating to discover security vulnerabilities at such a late stage.
With the proliferation of the agile development methodology and CI/CD, is it possible to use a static application security testing (SAST) tool to constantly verify code changes and improve application integrity throughout the SDLC?
In this webinar, we’ll provide insights into the following:
- What is SAST? Are SAST tools just glorified grep?
- What can SAST help you do?
- Where and how do you apply SAST in a CI/CD pipeline?
- What should you consider when choosing a SAST tool?
When: Thursday, Dec. 5 @ 1 p.m. Eastern / 10 a.m. Pacific
Who: Shi Chao, senior sales engineering manager, Synopsys
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/webinars-dec-2-6/