Aikido
Start for Free
No CC required
Hub
/
Chapter 2

Chapter 2: DevSecOps Tools Categories

There are a LOT of software security tools out there. And they all claim to secure your code, your app, your cloud, or your runtime—sometimes all at once. 

This chapter breaks down the most important DevSecOps tools one by one: what they are, what they protect you from, where they fit in the pipeline, and how to choose the right one. 

Think of this as your dev-friendly cheat sheet to the entire security toolbox.

Let’s dive in.

Table of contents:
Malware Detection
Container Security
Dependency Scanners
Open Source License Scanners
Cloud Security
Web Application Firewalls (WAF)
Infrastructure as Code (IaC) Scanners
CI/CD Security
API Security
Software Bill of Materials (SBOM)
Secrets Detection
Dynamic Application Security Testing (DAST)
Software Composition Analysis (SCA)
Static Application Security Testing (SAST) - Static Code Analysis
Share:

Related links

Chapter 1: Starting with Software Security Tools

Software Security (DevSecOps) for Beginners
Application Security (ASPM)
Cloud Security Posture Management (CSPM)
Other Definitions and Categories
How all Security Tools Fit in the SDLC and DevSecOps Pipelines

Chapter 2: DevSecOps Tools Categories

Static Application Security Testing (SAST) - Static Code Analysis
Software Composition Analysis (SCA)
Dynamic Application Security Testing (DAST)
Secrets Detection
Software Bill of Materials (SBOM)
API Security
CI/CD Security
Infrastructure as Code (IaC) Scanners
Web Application Firewalls (WAF)
Cloud Security
Open Source License Scanners
Dependency Scanners
Container Security
Malware Detection

Chapter 3: Implementing software security tools the right way

How to choose the right tool for your organization
How to Introduce Security Tools Without Slowing Down Development
How to Implement Security Tools the Right Way
The End