Better, Faster, More Secure Code By Combining SAST and SCA

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn’t designed to find open source vulnerabilities (CVEs) or identify open source licenses, that’s where software composition analysis (SCA) comes in. In this webcast, Paul Asadoorian and Matt Alderman will discuss the challenges of SAST and SCA as separate steps in the build process. An overview of some of the open source tools will also be discussed. Next, Utsav Sanghani, product manager at Synopsys, will explore the benefits of bringing SAST and SCA together as part of a software development strategy. He’ll also demonstrate how developers, by combining SAST and SCA analysis in the IDE, can address issues holistically as they code, saving time and increasing productivity so they can deliver secure, high-quality software faster. Link to slide deck: https://securityweekly.com/better-faster-more-secure-code-by-combining-sast-and-sca/ →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/secweekly →Join our Discord Server: https://securityweekly.com/discord →Like us on Facebook: https://www.facebook.com/secweekly #SecurityWeekly #SecureCode #SAST #SCA

Видео Better, Faster, More Secure Code By Combining SAST and SCA автора Эксперты по CSS