
Adding SAST to CI/CD, Without Losing Any Friends

Conference: RSA Conference 2023

2023-04-24

Authors: Clint Gibler, Tanya Janca


Abstract

This learning lab will discuss multiple options for adding static application security testing (SAST) to a CI/CD pipeline in ways that won’t compromise speed or results, such as learning which results can be safely ignored, writing rules, adding company-specific checks, scanning PRs instead of commits, and splitting blocking scans from deep audit scans. The lab will also cover ways to continuously find vulnerabilities.
