Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/147272
| Title: | Integration of automated code analysis tools |
| Author: | Morga Marchal, Víctor |
| Tutor: | Caparrós, Joan  |
| Others: | Isern-Deya, Andreu Pere |
| Abstract: | This paper aims to research and explain how to improve the security of software products with the use of automated code analysis tools and their integration in the software development lifecycle in an efficient way. The automated code analysis tools are categorized in four groups: SAST, DAST, IAST and SCA. This paper explains each of these groups, give examples of current products and show in which deployment tiers are integrated. Once the technology is explained, a real software development environment is set up, consisting of a source code repository, a continuous integration / continuous delivery server and the automated code analysis tools. Finally, we integrate all the components to show how can any company or developer take advantage of these tools, making their final product more secure. |
| Keywords: | automated code analysis |
| Document type: | info:eu-repo/semantics/masterThesis |
| Issue Date: | Jan-2023 |
| Publication license: | http://creativecommons.org/licenses/by-sa/3.0/es/  |
| Appears in Collections: | Treballs finals de carrera, treballs de recerca, etc. |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| vimorgaFMDP0123report.pdf | Report of TFM | 2,77 MB | Adobe PDF |  View/Open |
Share:
Google Scholar
Microsoft Academic
This item is licensed under aCreative Commons License
