SAST for a Secure Future -- Today

If you wonder why so many companies maintain a static analysis team and quibble over vulnerabilities in application source code, this is the discussion for you.

We'll cover topics like:

• Why SAST?
• Is SAST the panacea some would lead us to believe?
• If the automated tools are so good, why do we need an AppSec team?
• How can SAST be incorporated into the build process?

We'll begin with experiences in running a SAST program, which will lead to a lively group discussion.