DevOps Intelligence Monthly #1

In this issue:

• Everything you need to know about Application Security Testing.
• It's our Open Source month! Learning resources and webinars.
• Keep scrolling to see shared tips from our developer Community and more interesting reads of the month.

?? Developer Feed

What is SAST - Static Application Security Testing?

Security threats and data breaches have become more common and may have huge financial and business implications for your organization. As such, you must be able to detect vulnerabilities in your applications fast. In this article, we focus on?Static Application Security Testing (SAST). Keep reading to know what SAST is, why it is important, and its pros and cons.

What is DAST - Dynamic Application Security Testing?

On the other hand, DAST is incredibly useful since it can detect security vulnerabilities?that SAST cannot. DAST (Dynamic Application Security Testing): learn about what is it, why it is important, and its pros and cons.

How to implement Static Application Security Testing (SAST)?

Here are 6 steps to successfully implement SAST in your organization. They’ll help you optimize effectiveness and maximize SAST benefits.

SAST and DAST: what's the difference?

SAST and DAST: they are both application security testing methods, but what’s the difference and which one should you use? Learn more!

?? Join us Live

[Live Talk] Maintaining Code Quality in Open Source

Join Codacy CEO Jaime Jorge and engineering leader Niels Lohmann, founder of “JSON for modern C++”, in an open conversation about managing an Open Source project while keeping code quality a priority. Especially when this project grows to be the 15th most popular C++ open source project on GitHub! Save your (free) spot for August 17th.

[Webinar Replay] This is how we accelerate with Quality Engineering

Watch a real-world example of how La Redoute changed its software pipeline through Quality Engineering and Accelerate metrics. Short on time? Read the highlights in this blog.

?? Kicking off Open Source Month

During the month of August, leading up to our open source live talk, we will be focusing on sharing valuable open source tips on our blog. Follow us and stay tuned for the next blogs.

Best practices to manage an open source project

Learn how you can better manage your open source project and make sure developers have a great experience when contributing to it

?? What's on our reading list?

[Ebook] ?? Code reviews: the essential guide

This ebook explains what code reviews are and how to optimize them. We even give you checklists to help you become the best code reviewer you can be!

[Watch] How to Misuse DORA DevOps Metrics with Bryan Finster

Have you been using DORA metrics but feel that your development is not going as fast as expected? Learn that these metrics are part of a more complex process, and although they are extremely important, they are only the tip of the iceberg.

10x developers really exist

"Since the original 1968 article?"Exploratory experimental studies comparing online and offline programming performance",?there has been a lot of debate around the figure of the 10x developer. We're talking about engineers who are an order of magnitude better than their peers by whatever measure. These engineers exist, but not in the way most people describe them."

Three Tips for Managing Technical Debt: While Maintaining Developer Velocity (and Sanity) | by Adi Belan

Technical debt happens because developers favor a “quick and dirty” over a more polished and clean solution to reduce the overall implementation time. But there are ways to manage tech debt, and Adi Belan from AppsFlyer shared three tips on how to do it.

?? Best tips from the Codacy Community

Do you know some of the laws of programming?

Nice npm packages for web devs

?? Your Codacy experience

Improving Coverage, Pylint update, Generate Checkstyle config files & more.

Are you using Codacy? ?? Here’s your product update for July 2022.