Practical Static Analysis for Continuous Application Security

Practical Static Analysis for Continuous Application Security

OWASP Foundation via YouTube Direct link

Intro

1 of 37

1 of 37

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Practical Static Analysis for Continuous Application Security

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Continuous Security
  3. 3 Practical Static Analysis
  4. 4 Why Static Analysis?
  5. 5 Tool Cycle
  6. 6 Enforce the Solution
  7. 7 Automate Enforcement
  8. 8 Continuous Integration
  9. 9 Code Review
  10. 10 Deployment Gate
  11. 11 Separate Process
  12. 12 Local Tests/Git Hook
  13. 13 1 - Identify a Problem
  14. 14 2 - Identify a Solution
  15. 15 Regular Expressions
  16. 16 Desired Flow
  17. 17 Bash
  18. 18 git diff --name-status
  19. 19 Multiple Rules
  20. 20 Create a Rule
  21. 21 Base Rule Class class Rule
  22. 22 Code to Run It
  23. 23 False Positives
  24. 24 False Negatives
  25. 25 Compilation vs. Static Analysis Input Program Text
  26. 26 S-Expressions
  27. 27 Ruby (RubyParser)
  28. 28 Python (Astroid) AstroidBuilder().string_build( get_survey(survey_id))
  29. 29 JavaScript (Esprima)
  30. 30 Bandit Custom Rule import bandit from bandit.core import test properties as test
  31. 31 Bandit Custom Warning
  32. 32 Brakeman Custom Check
  33. 33 Brakeman Custom Warning
  34. 34 Walking Esprima AST
  35. 35 Walking RubyParser AST
  36. 36 Summary
  37. 37 Thank you

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.