Using static code analysis (SAST) and software composition analysis (SCA) together makes your software development process better, faster, and stronger.
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA), Static Analysis (SAST) | Comments Off on Coverity & Black Duck together. Better. Faster. Stronger.
GitHub Actions brings the platform into the CI/CD market, making it simple to integrate SAST and SCA into workflows with the Synopsys Detect GitHub Action.
Posted in Agile, CI/CD & DevOps, Software Composition Analysis (SCA), Static Analysis (SAST) | Comments Off on Synopsys adds GitHub Action for SAST and SCA
Learn how to add static application security testing (SAST) to your CI/CD workflows to constantly verify code changes and improve application integrity.
Posted in Agile, CI/CD & DevOps, Static Analysis (SAST), Webinars | Comments Off on [Webinar] Static Analysis Security Testing (SAST) in CI/CD: Why and How
Learn how to combine static application security testing (SAST) and software composition analysis (SCA) to strengthen your software security program.
Posted in Application Security, Software Composition Analysis (SCA), Static Analysis (SAST) | Comments Off on SAST vs. SCA: What’s the difference? Do I need both?
David Woodhouse at AWS, who maintains the open source OpenConnect VPN client, explains how he integrated Coverity Scan with GitLab CI.
Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Integrating Coverity Scan with GitLab CI
MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.
Posted in Software Compliance, Quality & Standards, Static Analysis (SAST) | Comments Off on Coverity release ties in well to the latest MITRE CWE Top 25
Web frameworks can introduce security issues into web applications. Mitigate this risk with a static analysis tool that understands the frameworks you use.
Posted in Static Analysis (SAST), Web Application Security | Comments Off on Why your SAST tool needs to understand your web framework
With so many application security tools, how do you choose the best ones for your environment? Learn how to assemble your application security toolkit.
Posted in Static Analysis (SAST), Web Application Security | Comments Off on Do you have the right tools in your application security toolkit?
Code quality and code security aren’t the same, but they’re closely related. And in the current cyberthreat environment, developers should care about both.
Posted in IoT Security, Static Analysis (SAST), Web Application Security | Comments Off on How are code quality and code security related?
The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.
Posted in Static Analysis (SAST) | Comments Off on Announcing Code Sight 2019.4
