SAST, DAST, SCA … is this really necessary?

Presented by

Julian Totzek-Hallhuber, Senior Principal Solution Architect

About this talk

In a word, yes. Would you consider yourself 100 percent healthy after one blood pressure check? No, you’d need to see more test results! Similarly, you can’t call your software secure after one static analysis test, or one pen test. Each testing type looks for different vulnerabilities, meaning multiple testing types are required for effective application security. And we now have some new data to back up that claim.

Join this session to find out:

• Our data on the fix rates of organizations that employ multiple testing types vs. those that use just one
• Why you need multiple testing types
• How and when the different testing types work together throughout the software lifecycle

Interested in learning more about the findings from this year's SOSS report? Tune into sessions from this year's Hot SOSS virtual summit: https://www.veracode.com/hot-soss-virtual-summit

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.