Source Code Analysis
About This Course
Through this training, participants will understand how Source Code Analysis (SCA) helps identify which statement on which line of code is vulnerable, with the added advantage of identifying the tainted variable that introduces the vulnerability. We shall look into how SCA solutions provide application developers with an end-to-end overview of each instance of a vulnerability, allowing them to quickly understand the nature of the problem.
What is Source Code Analysis (SCA)?
Source code analysis (SCA) not only identifies which statement on which line of code is vulnerable, but also identifies the tainted variable that introduces the vulnerability. In this way it illustrates the propagation from root cause to end result. This provides application developers with an end-to-end overview of each instance of a vulnerability, allowing them to quickly understand the nature of the problem.
Who should attend this training?
- Software Designers
- Application Developers
- Security Team
- IT Managers
- Chief Information Officer (CIO)
- Senior Management
Why should you attend?
Source Code Analysis helps us to fix the issue at the source. Analyzing the web application's source code for vulnerabilities and fixing them is the best solution for protecting your web application. A Source Code Analysis solution helps us to:
- Scan the source code for all OWASP Top 10 vulnerabilities
- Identify, through the report, the exact function or line of code where the vulnerability originates, which helps fix the code faster
- Protect web applications from exploits with a WAF plug-in while the source code is being fixed
- Monitor the website as a normal user to check for malicious injection attacks and generate alerts to remove suspicious or malicious data
Knowledge of the OWASP Top 10 vulnerabilities would help participants understand the risk impact more deeply.
Table of Contents
Module 1: Introduction to Source Code Analysis
Module 2: What is SCA?
Module 3: Need for SCA security solution
Module 4: Various types of SCA security solutions
Module 5: Selection criteria for SCA security solution
Module 6: Implementation strategy for SCA
Module 7: Access Interface
- Accessing the Access Interface
- Getting to Know the Access Interface
Module 8: Creating and Managing Scans
- Creating Scans
- Viewing the Scans
- Working with Results
- Working with Profiles and Reports
Module 9: Scan List
- Viewing the List
- Scan Actions
Module 10: Scan Results
- Viewing the Results
- Results Actions
- Understanding Scan Results