Learning Static Code Analysis
55mBeginner2023-12-05
Authors

Kalyna Reda
Course details
If you’re just getting started in your career or are interested in landing a new role in DevSecOps, you may want to consider boosting your skills in static code analysis. In this course, explore the tangible benefits of DevSecOps, particularly static code analysis, along with some of the common tools and techniques used frequently in Azure to perform it. Instructor Kalyna Reda provides hands-on, interactive demonstrations that show you how to scan open-source code, set up and scan a YAML pipeline, publish the results of a scan, and improve your code based on a scan’s findings. By the end of this course, you’ll be prepared to take your new skills to the next level with additional deployments and other cutting-edge DevSecOps tools.
Skills covered
Software Development SecurityDevOps FoundationsAmazon Web Services (AWS)AmazonDevOpsProjectCybersecurity
Concepts
0. Introduction
- 01 - Static code analysis overview
- 02 - What you should know
1. DevSecOps
- 03 - DevSecOps overview
- 04 - Benefits of DevSecOps
- 05 - Defining static code analysis
- 06 - How static code analysis differs from other scanning methods
2. Static Code Analysis
- 07 - Static code analysis on Azure DevOps
- 08 - Decisions to consider when choosing between tools
3. Demo - Scan Your Code
- 09 - Open-source code
- 10 - Introduction to YAML
- 11 - Set up your YAML pipeline
- 12 - Add scanning ability
- 13 - Publish the results
4. Demo - Improve Your Code Based on the Findings
- 14 - Review the results
- 15 - Take action to improve the environment
- 16 - Rerun and verify
Conclusion
- 17 - Next steps
Related courses
- Developing Secure Software (2015)
- Developing Secure Software
- Power BI Data Methods (2019)
- Building Data Apps with R and Shiny: Essential Training
- Automated Software Refactoring with OpenRewrite and Generative AI
- Building Serverless Apps on AWS
- Learning Responsive Web Design in the Browser
- Learning ASP.NET Core MVC