Introduction: DevSecOps is a set of practices that aims to integrate security (Sec) into the DevOps process. DevOps is a software development approach that emphasizes collaboration and communication between development (Dev) and IT operations (Ops) teams to automate the process of software delivery and infrastructure changes. DevSecOps extends this approach by including security as an …
Read more: What is DevSecOps? Why? How?
📍 Code linters run as pre-commit hooks in the DevSecOps pipeline to automate checking the code for the following:
📌 detect code errors that can lead to security vulnerabilities
📌 check for "bad code smells", flagging programming errors, bugs, style, and construct errors
📌 suggest code quality improvements
📌 identify unreachable code
📌 help detect null pointer dereferences
📌 help to measure quality …
Read more: Cybersecurity 101 – DevSecOps: Code Linting
🚀 What is SAST?
🛡️ SAST is a white-box security testing technique that analyzes source code for security vulnerabilities and flaws.
🛡️ It helps developers identify and fix vulnerabilities during the coding phase.
🛡️ SAST can detect security vulnerabilities such as input validation issues, range errors, API abuse, code quality issues, and any vulnerabilities from the OWASP Top 10 …
Read more: Cybersecurity 101 – DevSecOps: Static Application Security Testing (SAST)