Harley Davidson Karel
Security / EN
Find Vulnerability on Your Python Code
Find vulnerability on development stage should be implemented to find vulnerability on earlier stage (development stage) on Software Development Life Cycle (SDLC). Most of vulnerability found on final stage of SDLC through penetration testing. Security issues were accidentally created on design and development stage, meanwhile developer couldn't identify the vulnerability because they should wait until application passing through penetration testing, which mean on final stage. If vulnerability figured out by developer earlier, they can realize and fixed the vulnerability without waiting till penetration testing.
Static Application Security Tools (SAST) can be used to find vulnerability on development stage. SAST is a set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities"(gartner.com).
This topic will cover how to find vulnerability using free/open source SAST. It will cover SAST which has capability to scan python. SAST usage will demonstrate with several scenario, CLI usage and Jenkins integration. Jenkins is open source CI/CD tools commonly used for supporting Devops.