Static code analysis and dynamic application security tools are two different approaches to security testing, with each playing a crucial role in identifying and addressing vulnerabilities in software applications. Scott Moore talks to Ron Foster of Saltworks Security about this and more.
Static Code Analysis Insights
🕵 “It’s better if I have the source code already than to generate your code and see if there’s vulnerabilities in that.”
💡 Testing the application as deployed on a web server can uncover unexpected issues that may not be related to the app itself, highlighting the importance of comprehensive security testing.
âš– Management plays a key role in security testing by evaluating the business risk associated with identified vulnerabilities and deciding whether to allocate resources for their resolution.
Sponsors
🔥 Like and Subscribe 🔥
The Security Champions show is sponsored by:
💙 Saltworks Security ► https://saltworks.io/
Make sure to visit them and tell them “Thank You” for making this show possible.
Want to support the show? Buy Me A Coffee! https://bit.ly/3NadcPK
Connect with me 👋
TWITTER â–º https://bit.ly/3HmWF8d
LINKEDIN COMPANY â–º https://bit.ly/3kICS9g
LINKEDIN PROFILE â–º https://bit.ly/30Eshp7
🔗 Links:
- Scott Moore Consulting: https://scottmoore.consulting
- Perftour Website: https://theperformancetour.com
- SMC Journal: https://smcjournal.com
- DevOps Driving: https://devopsdriving.com
- Security Champions https://thesecuritychampions.com