Security-driven Software Development PDF
| Tool Category | Function | Example Tools |
| :--- | :--- | :--- |
| | Check for secrets/keys before code is committed. | Git-secrets, TruffleHog |
| SAST | Identifies coding errors in the build phase. | SonarQube, Checkmarx, Semgrep |
| SCA | Scans 3rd party libraries for vulnerabilities. | Snyk, OWASP Dependency-Check |
| DAST | Penetration testing in staging/production. | OWASP ZAP, Burp Suite |
| IAST | Interactive testing via agents in the runtime. | Contrast Security, Hdiv Security |
: Utilizing Dynamic Application Security Testing (DAST) tools like OWASP ZAP and Burp Suite to test running applications.
Recent research highlights the transformative role of AI and Machine Learning in automating security:
: Adherence to secure coding standards and use of Static Application Security Testing (SAST) tools like SonarQube or Checkmarx to find vulnerabilities in source code.