SAST

Jenkins SAST integration to SonarQube

How to Integrate Jenkins SAST to SonarQube – DevSecOps.

SonarQube is an excellent application that captures, analyzes, and visualizes functional bugs and security vulnerabilities. We discussed how to perform static analysis with Jenkins, and before that, how to implement security testing in the IDE and capture the vulnerabilities. For both cases, SonarQube provides an excellent solution with Jenkins to capture […]


Static Analysis SAST with Jenkins Pipeline

DevSecOps – Static Analysis SAST with Jenkins Pipeline.

As part of a DevSecOps implementation in the CI/CD pipeline, scanning the source code and performing static analysis (SAST) is important. SAST is essentially white-box testing performed on source code. It helps find important vulnerabilities in the source code. Specifically, vulnerabilities defined by the OWASP Top 10 should be mitigated.
