CISSP - Software Testing and Code Review Explained
CISSP Domain 6 software testing: SAST static analysis, DAST dynamic testing, IAST interactive testing, fuzz testing, interface testing (API, UI, physical), and code review quality gates. Covers when to use each tool and what each one finds that the others miss. Part of the complete CISSP study playlist - watch the next video for the Domain 6 review.
▶ Watch next: CISSP - Domain 6 Security Assessment Review [6.7] https://www.youtube.com/watch?v=icMGg2dsWU4
Chapters
- 0:00 Software Testing -- Finding Vulnerabilities Before Attackers Do
- 2:42 SAST -- Static Analysis Without Running the Code
- 4:58 DAST -- Dynamic Analysis Against Running Applications
- 7:28 IAST -- The Inside View During Runtime
- 9:57 Fuzz Testing -- Random Inputs That Find Real Bugs
- 12:08 Interface Testing -- APIs, UI, and Physical Interfaces
- 14:23 Code Review and Quality Gates
- 16:59 Quiz Time
Key Topics
- Software Testing -- Finding Vulnerabilities Before Attackers Do
- SAST -- Static Analysis Without Running the Code
- DAST -- Dynamic Analysis Against Running Applications
- IAST -- The Inside View During Runtime
- Fuzz Testing -- Random Inputs That Find Real Bugs
- Interface Testing -- APIs, UI, and Physical Interfaces
- Code Review and Quality Gates