Effective SAST: Secure Code Analysis in the CI/CD
Offered By: DevConf via YouTube
Course Description
Overview
Explore an in-depth look at using semgrep, an open-source tool for static code analysis, to enhance application security in this DevConf.CZ 2023 conference talk. Learn how to run semgrep on your codebase, interpret results, and create custom rules to tailor the tool to specific needs while reducing false positives. Discover techniques for integrating semgrep into CI/CD pipelines, automating the process of running static code analysis and catching security vulnerabilities early in development. Gain valuable insights on improving application security through effective Static Application Security Testing (SAST), suitable for developers of all experience levels.
Syllabus
Effective SAST: Secure Code Analysis in the CI/CD - DevConf.CZ 2023
Taught by
DevConf
Related Courses
Raining CVEs on WordPress Plugins with Semgrepnullcon via YouTube Writing a Language Server in OCaml for Emacs - Fun and Profit
EmacsConf and Emacs hangouts via YouTube Detecting Malicious Dependencies at Scale with Static Analysis
OWASP Foundation via YouTube No Size Fits All: Empowering Engineers with Custom Application Security Tests
NDC Conferences via YouTube Introduzione a SAST e Mobile Security Testing
DevSecCon via YouTube