Application Security

Question 1

Static code analyzers

Answer 1

is a tool that analyzes source code without running it to identify issues with coding practices, security, performance, and more

Question 2

Code signing

Answer 2

a security measure used to verify the authenticity and integrity of software code. It involves digitally signing executable files and scripts to confirm that the code has not been altered or corrupted since it was signed and that it comes from a legitimate source

Question 3

Sandboxing

Answer 3

a security mechanism used to isolate and execute applications in a controlled environment, known as a “sandbox.” This approach helps mitigate risks

Question 4

Application Security Monitoring (ASM)

Answer 4

is a proactive approach to identifying, assessing, and managing security vulnerabilities within applications throughout their lifecycle. It involves the continuous observation and analysis of applications to detect suspicious activities, vulnerabilities, and compliance issues