Josh Grossman -- Building a High-Value AppSec Scanning Program
The Application Security Podcast
00:00
Getting a Kick Out of a Stuck With Tools?
i wouldn't buy an s c a tool to day that didn't have reach ability analysis. Because, you know, if i'm not vulnerable, why would i want to extend my resources and have people wasting development cycles trying to fix something? I don't need to fix the problems that i don't have. Ye, noi i've definitely seen that sort of thing as wat. The sort of ananisis is being done, can suddenly become very resones inten and very memory intent. Ako wouldst injest the whole container, will scan it. But once you start injesting a few containers into this tool, e herethe the tool gets quite unhappy quite fast
Transcript
Play full episode
