From the course: Static Application Security Testing
Demo: SonarQube - SonarQube Tutorial
Demo: SonarQube
- [Instructor] SonarQube is another code quality tool that includes security testing and analysis. It supports over 30 different programming languages as well as multiple build systems and continuous integration systems. You can learn more about SonarQube at sonarqube.com. SonarQube takes a governance-based approach to managing your application security portfolio with a focus that goes above and beyond traditional security. SonarQube also scores applications on things like releasability, reliability, and maintainability. SonarQube maintains four distinct editions of their solution. The Community Edition is free, while the commercial editions, Developer, Enterprise and Data Center, are all scoped and priced based on your language support and high availability requirements. The Community Edition price tag of free is a lot more palatable than the hefty price tag tied to the Data Center edition. So I recommend you start with…
Contents
- Challenges of assessing source code (6m 2s)
- OWASP Code Review Guide (6m 40s)
- Static code analysis (4m 39s)
- Code review models (6m 40s)
- Application threat modeling: STRIDE (8m 29s)
- Application threat modeling: DREAD (5m 12s)
- Code review metrics (5m 59s)
- Demo: Codacy (7m 53s)
- Demo: SonarQube (7m 10s)