Application Security Flashcards
Static code analyzers
A tool that analyzes source code without running it to identify issues with coding practices, security, performance, and more.
Code signing
A security measure used to verify the authenticity and integrity of software code. It involves digitally signing executable files and scripts to confirm that the code has not been altered or corrupted since it was signed and that it comes from a legitimate source.
Sandboxing
A security mechanism used to isolate and execute applications in a controlled environment, known as a “sandbox.” This approach helps mitigate risks.
Application Security Monitoring (ASM)
A proactive approach to identifying, assessing, and managing security vulnerabilities within applications throughout their lifecycle. It involves the continuous observation and analysis of applications to detect suspicious activities, vulnerabilities, and compliance issues.