DEV Community

mortylen

Ask: Static Code Analysis Tools.

Hello, developers.
How do you verify the security of your source code? Do your customers require you to check the code? I don't have much experience with code checking; I found tools like Snyk, Veracode, OpenText Fortify...

What security tools do you use for code analysis for web application development in Visual Studio, especially for ASP.NET Core Web App? Which ones have you tried, which ones are you most comfortable with?

I would be grateful for your comments.

Top comments (2)

Felix Garriau

Hi Mortylen! I'd recommend anyone to have a look at James Berthoty's listings for the best tools: list.latio.tech/#best-SAST-tools. He's a security expert and knows all the cool tools - my source of reference for great analysis.
SAST is just one of the things typically required to secure your code.
SAST, DAST, SCA are like the typical starters & the security industry is moving towards single platforms that encompass everything.
We've built aikido.dev ourselves to bring all types of scanners together.

mortylen

Thank you for the reply and for the great tips.
I am looking for all information that will help me to improve the quality and security of our software development.