The Benefits of SAST and SCA in Your IDE – Utsav Sanghani – ASW #101

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn’t designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That’s where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development.

Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

The Benefits of SAST and SCA in Your IDE – Utsav Sanghani

Hosts

John Kinsella
John Kinsella – Vice President of Container Security
Matt Alderman
Matt Alderman – CEO
Mike Shema
Mike Shema – Product Security Lead

Guests

Utsav Sanghani
Utsav Sanghani – Senior Product Manager