Static Code Scans (SAST)

Static application security testing (SAST) analyzes program code (source code, binary code or byte code) for possible security problems. By using SAST tools, we can identify security vulnerabilities such as:

  • Cross-site Scripting (XSS)
  • SQL Injection
  • LDAP Injection
  • Code Injection
  • Buffer Overflows
  • Race Conditions
  • Insecure APIs
  • Hardcoded Passwords
  • Insecure API Calls

The advantages of this approach are that it can be used very early in the development lifecycle, does not require the expert skills that a pentest does, and can be automated very well (e.g. by integrating it into a build or QA infrastructure). Automated scans generally do not provide as much depth as a manual assessment (e.g. a security code analysis) and will not cover all vulnerability categories that such a manual approach does either.

Instead, we focus on specific vulnerabilities and requirements; but because the automated scans (including regression tests) can be executed with every build or release, a properly configured SAST tool can ensure a certain level of security, verify coding requirements and provide valuable feedback to the development team as well.

We support you with every aspect of evaluating, selecting, configuring and using such a solution. We are completely vendor independent and help you find and integrate the best solution for you!