90DaysOfDevOps - Day 8 SAST/ Infrastructure
- Automation testing is a key.
- Most common tools are Sonarcloud and snyk.
- SAST tools identify vulnerabilities through finding bugs, enforcing code standards.
- Base on specific rules, patterns, flow of data.
- Getting started with Pulumi not so complicated.
- Pulumi AI is heplfull, but generates failing code.
- Writing IaaC in programming language is different as managing YAML files.
Source: 90DaysOfDevOps