Bytecode scanners assess the security of source code by examining the compiled byte code for vulnerabilities. In this video, learn about popular bytecode scanners.
- [Instructor] I've said it before … and I'm going to keep saying it: … When it comes to application security testing, … especially static code analysis, … automation is where it's at. … The only way you're going to achieve the coverage you need … to actually secure your source code … is by adding automated scanners to the mix, … but there are a lot, … and I mean a lot of code security scanners to pick from. … How do you know which scanner to use? … The best place to start … is with the programming language you'll be assessing. … Wait, did I say language? … Sorry, I meant languages. … During the documentation review … you should have uncovered the languages … that your development team or teams … are using under the covers. … This information is absolutely essential … when it comes to selecting the tools or tools you'll use … to perform this automated static code security testing. … Take these three tools, for example. … If you've ever tested Python apps for security flaws, … then you may have heard of Bandit. …
- Security frameworks
- OWASP Top Ten
- Building Security In Maturity Model (BSIMM)
- Planning your testing projects
- Creating security policies
- Source code reviews
- Application threat modeling
- Offline testing for OWASP Top Ten vulnerabilities
Skill Level Intermediate
DevSecOps: Automated Security Testingwith James Wickett1h 35m Intermediate
Security Testing Essential Trainingwith Jerod Brennen2h 48m Beginner
Security Testing: Nmap Security Scanningwith Mike Chapple1h 46m Intermediate
What you should know1m 17s
1. Leading Practices
2. Security Documentation
3. Source Code Security Reviews
4. Offline Testing for the OWASP Top Ten (2017)
Next steps3m 18s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.