Static Code Scans (SAST)
Static application security testing (SAST) analyzes program code (source code, byte code, or compiled binaries) for possible security problems without executing it. With SAST tools we can identify vulnerabilities such as:
- Cross-site Scripting (XSS)
- SQL Injection
- LDAP Injection
- Code Injection
- Buffer Overflows
- Race Conditions
- Insecure API Calls
- Hardcoded Passwords
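To make concrete how a static scan finds two of the categories above, here is a deliberately small SAST-style checker written for this page (it is an added example, not code from the original text or from any SAST product). It parses Python source with the standard-library `ast` module, treats every function parameter as untrusted input, tracks which variables are built from such input, and reports a finding when one of them reaches a SQL execution sink; it also flags string literals assigned to names that look like secrets. The sample source it scans, the sink list `SQL_SINKS` and the name list `SECRET_NAMES` are constructed for the example. Real SAST tools do the same source-to-sink tracking across functions and files, which this intra-procedural toy does not.

```python
"""Minimal SAST-style checker for two finding classes: SQL injection via
string-built queries and hard-coded passwords. Illustrative only."""
import ast
from dataclasses import dataclass

# Constructed sample input: code a SAST tool should flag (and one safe variant).
SAMPLE_SOURCE = '''
import sqlite3

DB_PASSWORD = "hunter2"  # hard-coded secret

def find_user(conn, username):
    # SQL injection: untrusted parameter concatenated into the query text
    query = "SELECT * FROM users WHERE name = '" + username + "'"
    return conn.execute(query)

def find_user_fmt(conn, username):
    return conn.execute(f"SELECT * FROM users WHERE name = '{username}'")

def find_user_safe(conn, username):
    # Parameterised query: the driver binds the value, so no injection
    return conn.execute("SELECT * FROM users WHERE name = ?", (username,))
'''

SQL_SINKS = {"execute", "executemany", "executescript"}     # assumed sink names
SECRET_NAMES = ("password", "passwd", "secret", "api_key", "token")  # assumed


@dataclass
class Finding:
    rule: str
    line: int
    detail: str


class Checker(ast.NodeVisitor):
    """Intra-procedural taint tracking: parameters are sources, SQL calls are sinks."""

    def __init__(self):
        self.findings: list[Finding] = []
        self.params: set[str] = set()    # parameters of the function being visited
        self.tainted: set[str] = set()   # local names whose value derives from a parameter

    def visit_FunctionDef(self, node):
        # Conservative assumption: every parameter is attacker-controlled.
        self.params = {a.arg for a in node.args.args}
        self.tainted = set()
        self.generic_visit(node)

    def _is_tainted(self, expr) -> bool:
        # Tainted if the expression is a parameter/tainted name, or a string built
        # from one via concatenation, % formatting, f-string or str.format().
        if isinstance(expr, ast.Name):
            return expr.id in self.params or expr.id in self.tainted
        if isinstance(expr, ast.BinOp):
            return self._is_tainted(expr.left) or self._is_tainted(expr.right)
        if isinstance(expr, ast.JoinedStr):
            return any(self._is_tainted(v.value) for v in expr.values
                       if isinstance(v, ast.FormattedValue))
        if (isinstance(expr, ast.Call) and isinstance(expr.func, ast.Attribute)
                and expr.func.attr == "format"):
            return any(self._is_tainted(a) for a in expr.args)
        return False

    def visit_Assign(self, node):
        for target in node.targets:
            if not isinstance(target, ast.Name):
                continue
            if self._is_tainted(node.value):
                self.tainted.add(target.id)          # propagate taint to the variable
            if (isinstance(node.value, ast.Constant) and isinstance(node.value.value, str)
                    and any(k in target.id.lower() for k in SECRET_NAMES)):
                self.findings.append(Finding("hardcoded-password", node.lineno, target.id))
        self.generic_visit(node)

    def visit_Call(self, node):
        func = node.func
        if isinstance(func, ast.Attribute) and func.attr in SQL_SINKS and node.args:
            if self._is_tainted(node.args[0]):      # tainted query text reaches the sink
                self.findings.append(
                    Finding("sql-injection", node.lineno, ast.unparse(node.args[0])))
        self.generic_visit(node)


def scan(source: str) -> list[Finding]:
    """Parse the source and return all findings in source order."""
    checker = Checker()
    checker.visit(ast.parse(source))
    return checker.findings


if __name__ == "__main__":
    for f in scan(SAMPLE_SOURCE):
        print(f"{f.rule} at line {f.line}: {f.detail}")
```

Run as a script it reports the hard-coded `DB_PASSWORD` and the two string-built queries, and stays silent on the parameterised `find_user_safe`; that last point is the one that matters in a real deployment, because a rule that also fires on the safe variant is a false positive developers learn to ignore. Wiring `scan()` into a CI job that fails the build on any finding is what turns this from a one-off check into the regression test the text describes.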
The advantages of this approach are that it can be used very early in the development lifecycle, does not require the expert skills of a penetration test, and lends itself well to automation (e.g. by integrating it into a build or QA pipeline). Automated scans do not reach the depth of a manual assessment (e.g. a security code review) and do not cover every vulnerability category such a manual approach would; flaws in business logic or authorization decisions, which depend on context the tool cannot see, are typical blind spots.
Instead, the scan focuses on specific vulnerability classes and coding requirements. Because it can run automatically with every build or release, including as a regression test, a properly configured SAST tool ensures a baseline level of security, verifies that coding requirements are met, and gives developers fast feedback. "Properly configured" is the operative phrase: an untuned tool produces a high rate of false positives, and its findings only become useful once the rule set is adapted to the code base and results are triaged.
We support you with every aspect of evaluating, selecting, configuring, and using such a solution. We are completely vendor-independent and help you find and integrate the best solution for you!