Ilya Vasilenko
Go back


Static, Dynamic, Software Composition, and Secret Scanning in GitHub

Static Application Security Testing (SAST)

SAST tools analyze source code to detect security vulnerabilities. They are typically used early in the development process.

Dynamic Application Security Testing (DAST)

DAST tools analyze applications in their running state to find vulnerabilities that might be exploited.

Software Composition Analysis (SCA)

SCA tools help in identifying open-source components in your software and any associated vulnerabilities.

Secret Scanning

Secret scanning tools detect secrets like passwords, tokens, and keys inadvertently committed to the codebase.

Integration with GitHub

If you're using GitHub, you might want to consider GitHub Advanced Security, which offers several of these features, including secret scanning and code scanning (which covers aspects of SAST). This can be a more integrated and streamlined approach, especially if your workflow is heavily centered around GitHub.

Additional Considerations

When choosing tools for static, dynamic, software composition, and secret scanning, consider the following factors:

Ilya Vasilenko