DevOps Classroomnotes 13/Apr/2022

OWASP Guidelines to be Followed

Automated Security Tests

  • If you are interested in learning about continuous security and do not have an application to test, the OWASP Benchmark Refer Here is the fully runnable open source web application
  • SAST Tools: Refer Here

Lets Use Some SAST Tools

  • Bandit:
    • Clone the code into local system and run the bandit scan
  • FindSecurityBugs: Refer Here renamed as spotbugs
  • The popular SAST PAID Version tools are
    • Coverity from synopys
    • Fortify from MicroFocus

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner