Security wins by starting out with Static Code Analysis for JavaScript projects
Writing quality code is something all of us developers strive for, but it's not an easy task. Secure coding conventions have long been an aspirational goal for many developers, who scour the web for best practices and guidelines from OWASP and other resources.
Some developers may have even tried static code analysis to find security issues, for example with linters such as ESLint, only to find that these tools are brittle and report many false positives.
In this session, we want to show you a new kind of static code analysis for code security that helps you while you code. It's free, and you can get started right away with an IDE extension. It's called Snyk Code.
Snyk Code provides a static application security testing (SAST) solution that scans your proprietary source code. Snyk Code addresses the most prominent issues of traditional SAST solutions by being developer-friendly, fast, and accurate. By “developer-friendly”, we mean that Snyk Code fits directly into your favorite tools and processes. Using the Snyk Code IDE extension for Visual Studio Code or the plugin for IntelliJ, WebStorm or PyCharm, you can see potential security vulnerabilities in your code as you write it.