Static analysis security testing (SAST)

Static code analysis (also known as source code analysis) is usually run against the source code in the repository as part of the CI/CD pipeline during development. It finds many different classes of security vulnerability and is usually called white box security testing, because it inspects the internals of the code rather than its running behaviour. Such tools can also track code smells, code coverage, and other quality metrics. SonarQube is one example of a good tool. Have a look at this sample SonarQube report:

The SonarQube dashboard, detailing the code quality and vulnerabilities

The following ...
