Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
DEV Community
Close
#
sast
Follow
Hide
Posts
Left menu
👋
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
Applying SAST Tools to Real Applications — A Hands-On Look at Bandit
Mauricio Choqueña Choque
Mauricio Choqueña Choque
Mauricio Choqueña Choque
Follow
Jul 5
Applying SAST Tools to Real Applications — A Hands-On Look at Bandit
#
security
#
python
#
sast
#
devsecops
Comments
Add Comment
4 min read
Why Your SAST Scanner Misses 86% of Real Vulnerabilities
mattybellx
mattybellx
mattybellx
Follow
Jul 2
Why Your SAST Scanner Misses 86% of Real Vulnerabilities
#
security
#
python
#
devops
#
sast
Comments
Add Comment
7 min read
Finding Security Bugs Before They Ship: Applying Bandit (SAST) to a Python Web App
DAYAN ELVIS JAHUIRA PILCO
DAYAN ELVIS JAHUIRA PILCO
DAYAN ELVIS JAHUIRA PILCO
Follow
Jul 4
Finding Security Bugs Before They Ship: Applying Bandit (SAST) to a Python Web App
#
security
#
python
#
devsecops
#
sast
40
 reactions
Comments
1
 comment
5 min read
Applying SAST to Any Application with CodeQL
Andre Carbajal
Andre Carbajal
Andre Carbajal
Follow
Jun 30
Applying SAST to Any Application with CodeQL
#
security
#
sast
#
github
#
codeql
Comments
Add Comment
3 min read
DAST false negatives vs SAST false positives: a real case
Stefan
Stefan
Stefan
Follow
Jun 29
DAST false negatives vs SAST false positives: a real case
#
security
#
appsec
#
sast
#
dast
1
 reaction
Comments
Add Comment
10 min read
SAST vs SCA: why your CI pipeline needs both
Rushabh Shah
Rushabh Shah
Rushabh Shah
Follow
Jun 29
SAST vs SCA: why your CI pipeline needs both
#
sast
#
security
#
devsecops
#
webdev
Comments
Add Comment
4 min read
CI/CD Seguro: Dependabot, SAST e DAST no GitHub
Lincoln Zocateli
Lincoln Zocateli
Lincoln Zocateli
Follow
Jun 18
CI/CD Seguro: Dependabot, SAST e DAST no GitHub
#
portuguese
#
cicd
#
dependabot
#
sast
Comments
Add Comment
10 min read
GitHub Advanced Security vs Kolega: why it is already in our repo is not the same as we are covered
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 12
GitHub Advanced Security vs Kolega: why it is already in our repo is not the same as we are covered
#
security
#
devops
#
sast
#
github
Comments
Add Comment
2 min read
Semgrep vs Kolega: a great floor, but a floor is not a finish line
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 11
Semgrep vs Kolega: a great floor, but a floor is not a finish line
#
security
#
devops
#
sast
#
opensource
Comments
Add Comment
2 min read
Aikido vs Kolega: the all-in-one platform is wide, but wide is not deep
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 10
Aikido vs Kolega: the all-in-one platform is wide, but wide is not deep
#
security
#
devops
#
aspm
#
sast
Comments
Add Comment
2 min read
Snyk vs Kolega: why pattern matching has a ceiling, and what sits above it
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 9
Snyk vs Kolega: why pattern matching has a ceiling, and what sits above it
#
security
#
devops
#
sast
#
programming
Comments
Add Comment
2 min read
We benchmarked 24 SAST tools on ~700 real vulnerabilities. The 3 best known ones came last
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 9
We benchmarked 24 SAST tools on ~700 real vulnerabilities. The 3 best known ones came last
#
security
#
sast
#
devops
#
devsecops
Comments
Add Comment
1 min read
SonarQube vs Kolega: why a code quality tool keeps getting sold as a security tool
Muhammad Hasan
Muhammad Hasan
Muhammad Hasan
Follow
Jun 8
SonarQube vs Kolega: why a code quality tool keeps getting sold as a security tool
#
security
#
devops
#
sast
#
codequality
Comments
Add Comment
2 min read
DevSecOps Automation: A Deep Dive into SAST
Eazybright😊😊
Eazybright😊😊
Eazybright😊😊
Follow
Jun 25
DevSecOps Automation: A Deep Dive into SAST
#
devsecops
#
sast
#
cicd
#
security
1
 reaction
Comments
Add Comment
4 min read
Static Analysis Without Sending Your Code to the Cloud: Building KCode
GaltRanch
GaltRanch
GaltRanch
Follow
May 21
Static Analysis Without Sending Your Code to the Cloud: Building KCode
#
security
#
ai
#
sast
#
opensource
1
 reaction
Comments
Add Comment
8 min read
👋
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account