Static code analysis and dynamic application security tools are two different approaches to security testing, with each playing a crucial role in identifying and addressing vulnerabilities in software applications. Scott Moore talks to Ron Foster of Saltworks Security about this and more.
Static Code Analysis Insights
“It’s better if I have the source code already than to generate your code and see if there’s vulnerabilities in that.”
Testing the application as deployed on a web server can uncover unexpected issues that may not be related to the app itself, highlighting the importance of comprehensive security testing.
Management plays a key role in security testing by evaluating the business risk associated with identified vulnerabilities and deciding whether to allocate resources for their resolution.
Sponsors
The Security Champions show is sponsored by:
Saltworks Security ► https://saltworks.io/
Make sure to visit them and tell them “Thank You” for making this show possible.
Want to support the show? Buy Me A Coffee! https://bit.ly/3NadcPK
Connect with me
TWITTER ► https://bit.ly/3HmWF8d
LINKEDIN COMPANY ► https://bit.ly/3kICS9g
LINKEDIN PROFILE ► https://bit.ly/30Eshp7
Links:
- Scott Moore Consulting: https://scottmoore.consulting
- Perftour Website: https://theperformancetour.com
- SMC Journal: https://smcjournal.com
- DevOps Driving: https://devopsdriving.com
- Security Champions: https://thesecuritychampions.com