Episode 90: Code Review and Static/Dynamic Testing

Certified: The CISSP Audio Course
22/06/2025 10 min Episodio 90
Episode 90: Code Review and Static/Dynamic Testing

Listen "Episode 90: Code Review and Static/Dynamic Testing"

Descargar episodio Ver en sitio original

Episode Synopsis


Code is a frequent source of vulnerabilities, and reviewing it is essential for secure software development. In this episode, we discuss secure code review techniques—both manual and tool-assisted. We explain how static application security testing (SAST) scans source code before runtime, while dynamic application security testing (DAST) analyzes behavior during execution. You’ll also learn about interactive testing, false positives, secure development lifecycles, and DevSecOps integration. CISSPs don’t have to write code, but they do need to understand how to validate its security and guide development practices.

More episodes of the podcast Certified: The CISSP Audio Course

Episode 1: What Is the CISSP and Why It Matters 22/06/2025
Episode 2: CISSP vs. Other Certifications: Which One’s Right for You? 22/06/2025
Episode 3: Career Impact of the CISSP: Roles, Salaries, Growth 22/06/2025
Episode 4: How to Study and Pass the CISSP Exam: Resources and Mindset 22/06/2025
Episode 5: The CIA Triad: Confidentiality, Integrity, Availability 22/06/2025
Episode 6: Security Governance Principles: Frameworks and Strategy 22/06/2025
Episode 7: Compliance Requirements: Legal, Regulatory, Contractual 22/06/2025
Episode 8: Organizational Roles and Responsibilities 22/06/2025
Episode 9: Professional Ethics and (ISC)² Code of Ethics 22/06/2025
Episode 10: Risk Management Concepts: Threats, Vulnerabilities, Risk 22/06/2025
© 2003-2026 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA