Learn how to add static application security testing (SAST) to your CI/CD workflows to constantly verify code changes and improve application integrity.
Learn how to combine static application security testing (SAST) and software composition analysis (SCA) to strengthen your software security program.
David Woodhouse at AWS, who maintains the open source OpenConnect VPN client, explains how he integrated Coverity Scan with GitLab CI.
MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.
Web frameworks can introduce security issues into web applications. Mitigate this risk with a static analysis tool that understands the frameworks you use.
With so many application security tools, how do you choose the best ones for your environment? Learn how to assemble your application security toolkit.
Code quality and code security aren’t the same, but they’re closely related. And in the current cyberthreat environment, developers should care about both.
The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.
Posted in Static Analysis (SAST) | Comments Off on Announcing Code Sight 2019.4
Static application security testing helps you find and fix vulnerabilities earlier in the development life cycle, resulting in more secure software.
Posted in Static Analysis (SAST) | Comments Off on How to win the application security arms race
Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.
Posted in Static Analysis (SAST) | Comments Off on How to manage web application security with Coverity