Security Code Scanning
Having your code tested automatically for common security problems is crucial to ensuring secure applications – not only, but especially, in agile development and DevOps. A number of enterprise solutions and tool categories such as SAST, DAST and IAST are available, all with different features and suitability for specific (development) organizations.
We have gained experience over many years. We are completely vendor independent and will always act in the best interest of our customers!
Here are some professional services that we can provide you in this area:
- Objective and vendor independent consulting
- Definition of requirements and shortlists
- Planning and execution of proofs of concept (PoCs)
- Configuration, rule & policy customization and integration (e.g. in CI/CD pipeline)
- Development of individual plugins and report templates
- Training and coaching of employees (developers, admins, testers)
- Execution of scans as well as review and assessment of findings