From the course: Static Application Security Testing
Unlock the full course today
Join today to access over 24,700 courses taught by industry experts.
Third-party agreements - SonarQube Tutorial
From the course: Static Application Security Testing
Third-party agreements
- [Instructor] Let's face it, cloud computing is the new normal. When companies can solve a business problem with a software-as-a-service solution for a fraction of what it would cost to develop that same application in-house, the less expensive option is going to win out more often than not. So, how does this impact our static application security testing activities? Well, you may have the authority to test the security of internal applications. It's unlikely that you'll be authorized to perform that same level of hands-on testing of third party applications. That means that you're going to extend more than just your technology beyond the traditional perimeter. You'll also extend your trust. But that doesn't mean that you have to trust third parties blindly. It's okay to trust but verify. Let me share a quick story from my own personal experience. I performed a penetration test for a very large organization,…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.