Scan source code for vulnerabilities using SAST (Static Application Security Testing) and SonarQube

About this webcast

Live on Wednesday October 14th, 2020 at 9:00 AM – 10:00 AM PST


SonarQube is a leading automatic code review tool that detects bugs, vulnerabilities and code smells in your code. Static Application Security Testing (SAST), also known as white-box testing, analyzes your source code for vulnerabilities and can find about 50% of likely issues. In this webcast, you will use SonarQube on Docker to run a SAST scan against the NodeGoat app's source code, looking for application source code vulnerabilities.

Speaker Bio

Remko is a Cloud Native Developer Advocate and Software Engineer with a focus on Cloud Native, Containers, Kubernetes, Security and DevOps. He is a Dutch NYer, dad, humanist, musician, literatus, runner – serpent in the shepherd's mouth with an empathy for paradox.

About this series

Visit the IBM Developer Webcast Wednesdays show page for more tech talks and sign up for the Developer Webcast newsletter to get notifications for upcoming tech talks.