Do Your Pipelines Remember? They Must If You Want to Go Fast With Static Analysis

June 2, 2019

All static analysis tools produce false positives, and often require developer context to determine exploitability of a security risk. Automating a static scan is usually straightforward but building automation workflows around SAST findings require that your Pipelines become smarter over time.

Optimizing the data provided by SAST tools is an often overlooked aspect to integrating SAST tooling into the CI / CD pipeline but it is required to be successful.

Come learn from Jimmy Rabon, Senior Product Manager at Micro Focus, about best practices for DevSecOps / SAST integration and about how machine learning can help us predict the future, based on our past.

Previous Video
Container Security at the Speed of CI/CD
Container Security at the Speed of CI/CD

Next Video
Security vs Developers - How to Make DevSecOps Work Together
Security vs Developers - How to Make DevSecOps Work Together