Security in the Pipeline

Conclusion

SAST is one of the many techniques we can use to improve the security of our applications while they are still being developed. We have shown how to use Psalm, one of the many available SAST tools, and how much time it saves us compared to manual reviews. As with any other automated tool, it is essential to validate the results manually, as false positives may be reported.


Last updated 8 months ago