John Peyton, Enterprise Software Architect, HCL AppScan
As the "shift-left" paradigm extends through development organizations, addressing application security presents new constraints on time, usability, and accuracy, especially with regard to static application security testing, or SAST. These hurdles demand that SAST solutions adapt to an ever-evolving digital landscape; yet development organizations are often held back by the tools they use. In this talk, John Peyton, Enterprise Software Architect for HCL AppScan, explores how the underlying techniques of SAST solutions can be adapted to meet the needs of modern DevOps environments.
After the discussion you'll come away with a better understanding of:
· How to adapt SAST for DevSecOps and how to weigh the resulting performance and accuracy tradeoffs
· The variety of SAST techniques and how they work
· The challenges of automatically deciphering source code