Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Everything-as-Code: Pushing the Boundaries of SAST

OWASP Foundation via YouTube

Overview

Explore the evolving landscape of Static Application Security Testing (SAST) in this 45-minute conference talk from OWASP Foundation. Delve into the challenges and opportunities presented by the "everything as code" era, examining how traditional SAST approaches must adapt to analyze infrastructure-as-code, smart contracts, and other emerging code paradigms. Learn about the limitations of current SAST techniques when applied to declarative languages like Bicep and blockchain-oriented languages like Solidity. Gain insights into new analysis algorithms, such as constant propagation, and understand how threat models differ across various coding domains. Discover the future directions of SAST solutions and acquire valuable knowledge to evaluate and implement more comprehensive application security testing strategies in an increasingly diverse coding ecosystem.

Syllabus

Everything-as-Code: Pushing the boundaries of SAST

Taught by

OWASP Foundation

Reviews

Start your review of Everything-as-Code: Pushing the Boundaries of SAST

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.