Software Integrity Blog

 

[Webinars] Developing track and trace apps, integrating SAST into DevSecOps

Learn about the security considerations for COVID-19 track and trace mobile apps and how to integrate static analysis into your DevSecOps pipeline.

Register for our webinar on track and trace mobile apps

Developing a COVID-19 Track and Trace App—Through the Lens of Synopsys

Adversaries continuously evolve their behaviours, and defenders must respond accordingly. Governments around the world are striving to supplement manual tracing efforts with track and trace mobile applications to help prevent further spread of COVID-19 and restore economic activity. In this short interactive session, Synopsys experts will discuss the topic as seen through their “security eyes” with some key takeaways:

  • How can you develop applications at speed and remain security aware?
  • What security measures are essential in building mobile applications?
  • Where is your data being recorded and used? Does this feel too much like Big Brother is watching your every move?
  • How can Synopsys support you through your own software development life cycle?

What: Developing a COVID-19 Track and Trace App—Through the Lens of Synopsys

When: Available on demand

Who: Ian Ashworth, Synopsys; Bhavin Shah, Synopsys

Watch now


Register for our webinar on SAST in DevSecOps

5 Steps to Integrate SAST Into the DevSecOps Pipeline

Even software with a solid architecture and design can harbor vulnerabilities, whether due to mistakes or shortcuts. But limited security staff don’t have the resources to perform code reviews and provide remediation guidance on the entire application portfolio. Static analysis, also known as static application security testing (SAST), is an automated way to find bugs, back doors, and other code-based vulnerabilities so the team can mitigate those risks.

First, though, you must choose a static analysis model that fits your needs. You might have questions such as these:

  • How do I manage false positives?
  • How do I triage the results?
  • What happens to new issues identified?
  • My scan takes hours to complete. How can I use this tool in my DevSecOps pipeline?
  • What is a “baseline scan”?

Join us as we walk you through the challenges and benefits of integrating a SAST tool into your DevSecOps pipeline and how we’ve helped other organizations with this process.

What: 5 Steps to Integrate SAST Into the DevSecOps Pipeline

When: Wednesday, Aug. 5 @ 9:30 a.m. CEST

Who: Meera Rao, Senior Principal Consultant, Synopsys

Register now

 

More by this author