GitLab Advanced SAST: Accelerating Vulnerability Resolution

GitLab Advanced SAST is a Static Application Security Testing (SAST) analyzer designed to discover vulnerabilities by performing cross-function and cross-file taint analysis.
By following the paths user inputs take, the analyzer identifies potential points where untrusted data can influence the execution of your application in unsafe ways, ensuring that injection vulnerabilities, such as SQL injection and cross-site scripting (XSS), are detected even when they span multiple functions and files.
OUTLINE
00:00 - Introduction
00:32 - Advanced SAST Overview
01:06 - Supported Languages
01:18 - Enabling Advanced SAST
01:42 - Vulnerabilities Detected in a Merge Request
02:15 - Vulnerability Report Population
03:10 - Examining the Code Flow
04:30 - Using AI to Explain Code
04:46 - Conclusion
USEFUL LINKS
Thanks for watching! Be sure to subscribe and follow @awkwardferny and @gitlab on Twitter for similar content.