Lai Jianxin is Xcalibyte’s Head of Research & Development for their static code analysis tool, Xcalscan. In this article, he talks about the key requirements for static application security testing.
Shift-left testing is done earlier in the SDLC in parallel to code development and makes the developer a responsible party for ensuring the code quality is high and defect-free. ‘Shift-right’, the traditional testing phase, does not go away as some bugs can only be found in runtime. They should both be used to complement each other.
The sudden public health incident of COVID-19 can be likened to the daily issues faced by businesses today. It is just like a software security incident caused by vulnerabilities and taken advantage of by computer viruses. What are the lessons that a CTO can learn from this?