Code testing verifies that software is functioning properly, and it is a critical step in the development of secure code. In this video, learn about the two major types of code testing—static and dynamic testing. Also learn how these tests may be conducted in a manual or automated fashion, and the use of synthetic transactions.
- [Tutor] Code tests verify that software…is functioning properly and these tests are a critical step…in the development of secure code.…While code reviews play an important role…in software security,…reviews involve developers examining code…and inspecting it for defects.…Code tests go beyond code reviews…and use technology to assist in the code inspection process.…It's common for organizations to use both…code tests and code reviews on the same software…to gain different perspectives…on software quality and security.…
There are two main types of code testing,…static tests and dynamic tests.…In a static code test,…developers use specialized testing software…to examine the code for common defects.…The code doesn't actually get executed during a static test,…but it is examined for common errors…and those errors are reported as defects,…that require correction.…You can think of static code tests…as the automated version of a code review.…In a dynamic code test,…the testing software actually executes the code.…
It supplies input to the code…
- Risk management actions
- Ongoing risk management
- Risk management frameworks
- Scanning for threats and vulnerabilities
- Advanced vulnerability scanning
- Monitoring log files
- Code review and code tests
- Test coverage analysis
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover identifying threats, understanding attacks, technology and process remediation, remediating vulnerabilities, and security monitoring. In addition, the following topics were updated: risk management and monitoring log files.
IT Security Foundations: Core Conceptswith Lisa Bock1h 13m Beginner
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
1. Risk Management
2. Threat Modeling
3. Threat Assessment
4. Remediating Vulnerabilites
5. Security Monitoring
6. Software Testing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.