Understanding SAST Foundations with Open-Source Semgrep

Conf42 via YouTube

Overview

Explore the fundamentals of Static Application Security Testing (SAST) through this comprehensive 27-minute conference talk that introduces open-source security analysis with Semgrep. Begin by understanding what SAST is and how it differs from first and second-generation security testing tools, then dive into the technical mechanics of how SAST works in practice. Learn about Abstract Syntax Trees (AST) and see practical examples of how Python programs are converted into AST structures for analysis. Discover Semgrep, a powerful open-source SAST tool, and understand its underlying architecture and operational principles. Master the creation and implementation of custom Semgrep rules through detailed explanations and hands-on examples. Gain insights into integrating Semgrep seamlessly into your development workflow and CI/CD pipelines. Learn industry best practices for adopting Semgrep in your organization, including configuration strategies and team onboarding approaches. Watch a live demonstration showing Semgrep rules in action, analyzing real code for security vulnerabilities and code quality issues. Perfect for developers, security engineers, and DevSecOps professionals looking to implement automated security testing in their development processes.

Syllabus

00:00 Introduction and Speaker Background
00:21 Understanding SAST: Static Application Security Testing
01:24 First and Second Generation SAST Tools
02:21 How SAST Works
03:17 Introduction to Abstract Syntax Trees (AST)
04:14 Example: Python Program to AST
05:10 Introduction to Semgrep
06:18 How Semgrep Works
07:11 Creating and Using Semgrep Rules
15:03 Integrating Semgrep into Development Workflow
17:15 Best Practices for Adopting Semgrep
20:23 Demo: Semgrep Rules in Action
26:19 Conclusion and Final Thoughts

Taught by

Conf42
