Automating Security With Static Analysis - Josh Goldberg - ASW #233

Static analysis is the art of scrutinizing your code without building or running it. Common static analysis tools are formatters (which change whitespace and other trivia), linters (which detect likely best practice and style issues), and type checkers (which detect likely bugs). Each of these can aid in improving application security by detecting real issues at development-time. Segment Resources: - https://typescript-eslint.io - https://eslint.org - https://blog.joshuakgoldberg.com Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw233 00:00 - Application Security Weekly 02:12 - Cyber Security Summit 05:24 - Unusual Questions 14:15 - What are the advantages of switching to something like typescript? 19:05 - What are some ways to get people up-to speed very quickly? 27:41 - How to work together? 28:14 - What would you want from an appsec team?

Видео Automating Security With Static Analysis - Josh Goldberg - ASW #233 автора Физические законы