Tag Archives: Secure SDLC

Automatic Testing for Security Headers

Today, performing unit tests has become a standard in many development teams for automatically performing various tests on code (e.g. as a compulsory part of the build process). Especially in agile development, the existence, completeness and quality of such tests …

Posted in Java, Security Test Automation

Code Scanning Models: Factory vs. Self Service

A few months ago, Gary McGraw wrote an interesting article on SAST deployments in the field. In it, he basically differentiates two service models: Code Scanning Factory (actually he called it “centralized code review scanning factory for code review”) Self Service …

Posted in SAST

10 Reasons why we need Application Security Testing Tools

Despite the fact that there are quite a few reservations concerning the use of application security scanning technologies (e.g. false positives, false negatives, usability and of course the price), there are also a couple of good reasons for using such …

Posted in SAST