Code Audits

14 Jul 2021, 14:00
1h
Zoom

Description

"Code audits - how to improve the quality of the code"

Software without bugs or vulnerabilities doesn't exist. If your organization runs software development teams, they will be aware of the importance of secure software development lifecycles and related subjects. This webinar will introduce some basic concepts as well as tools that help developers identify bugs before the software goes into production.

What you will learn:

What are code audits?
Why code audits?
Planning
- How to deal with closed source software?
- How to deal with open source software?
Tools
- Code Scanner
- SonarQube
- WhiteSource
- Coverity?
- OWASP Dependency Check
Fuzzing/Fuzzer
- Web apps:
- OWASP ZAP-Proxy
- Burp Suite
- Microsoft OneFuzz https://github.com/microsoft/onefuzz
Static Application Security Testing (SAST) Tools
Dynamic Application Security Testing (DAST) Tools (Primarily for web apps)
Interactive Application Security Testing (IAST) Tools (Primarily for web apps and web APIs)
Static Code Quality Tools

Duration: 1 hour

Presenter(s)/Facilitator(s): Stefan Kelm, DFN-CERT

Affiliation (WP/Task): WP8 Task 1

Authors (content is created by): Tobias Dussa, Klaus Möller, DFN-CERT

Presentation Materials

There are no materials yet.