The Art of Defensive Programming
With every commit, the threat landscape grows. A single vulnerability is all a hacker needs. Vulnerabilities have multiple sources, and you must have a plan for securing each potential risk vector and identifying vulnerabilities early. In this session, we will describe defensive coding techniques you can use as a daily practice and how you can build a security champion program. We will cover practical ways of identifying security vulnerabilities in your IDE using CodeQL as a static code analysis tool. This is an important step in the pre-commit stage to identify security vulnerabilities as early as possible, before they get to production.