About

This video is still being processed. Please check back later and refresh the page.

Uh oh! Something went wrong, please try again.

SAST

Write and commit trusted code in your native environment with a seamless developer-focused experience.

Cancel Apply

rate limit

Code not recognized.

About this course

Course Level: Intermediate
Requirements: A foundational understanding of software development practices and basic familiarity with CI/CD pipelines.
Prerequisites: None. Experience with static analysis or application security tools is helpful but not required.
Course Description: Most vulnerabilities don't enter your codebase through sophisticated attacks — they're written in by developers who had no way of knowing. This course covers how JFrog SAST detects security weaknesses at the point of code creation, before they can travel downstream into shared repositories, builds, or production.
Topics Covered:
  • Developer-Centric Security: Why shifting security to the commit stage reduces remediation cost and eliminates the gap between writing code and securing it.
  • SAST Integration in the IDE: Configuring JFrog SAST to surface findings directly in your local development environment without disrupting your workflow.
  • CI/CD Pipeline Integration: Embedding automated source code scanning into your DevOps pipeline so every commit is checked before it progresses.
  • Zero-Day Vulnerability Detection: How JFrog SAST identifies hard-to-find vulnerabilities — including logic flaws and injection risks — that traditional scanners miss.
  • Triage and Remediation: Understanding scan results, prioritising findings by severity, and committing trusted, clean code with confidence.

Curriculum0 hr 17 min

  • Contextual Analysis
  • Introduction to SAST 0 hr 2 min
  • Developing with JFrog SAST 0 hr 15 min
  • Share Your Feedback
  • Installation & Configuration
  • Installing JFrog Advanced Security on a self-hosted environment
  • Configuring your repositories for advanced scanning
  • Installing the JFrog IDE plugin
  • Installing Frogbot

About this course

Course Level: Intermediate
Requirements: A foundational understanding of software development practices and basic familiarity with CI/CD pipelines.
Prerequisites: None. Experience with static analysis or application security tools is helpful but not required.
Course Description: Most vulnerabilities don't enter your codebase through sophisticated attacks — they're written in by developers who had no way of knowing. This course covers how JFrog SAST detects security weaknesses at the point of code creation, before they can travel downstream into shared repositories, builds, or production.
Topics Covered:
  • Developer-Centric Security: Why shifting security to the commit stage reduces remediation cost and eliminates the gap between writing code and securing it.
  • SAST Integration in the IDE: Configuring JFrog SAST to surface findings directly in your local development environment without disrupting your workflow.
  • CI/CD Pipeline Integration: Embedding automated source code scanning into your DevOps pipeline so every commit is checked before it progresses.
  • Zero-Day Vulnerability Detection: How JFrog SAST identifies hard-to-find vulnerabilities — including logic flaws and injection risks — that traditional scanners miss.
  • Triage and Remediation: Understanding scan results, prioritising findings by severity, and committing trusted, clean code with confidence.

Curriculum0 hr 17 min

  • Contextual Analysis
  • Introduction to SAST 0 hr 2 min
  • Developing with JFrog SAST 0 hr 15 min
  • Share Your Feedback
  • Installation & Configuration
  • Installing JFrog Advanced Security on a self-hosted environment
  • Configuring your repositories for advanced scanning
  • Installing the JFrog IDE plugin
  • Installing Frogbot
Click here to read the terms of service | Featured | JFrog.com | Cookies Settings