IMPLEMENTATION OF DEVSECOPS WITH THE STATIC APPLICATION SECURITY TESTING (SAST) METHOD USING SNYK ON CONTAINER-BASED APPLICATIONS
Muhammad Zhafran Rayhan; Muhammad Arif Fadhly Ridha
ABEC Indonesia Vol. 11 (2023): 11th Applied Business and Engineering Conference
Publisher : Politeknik Negeri Bengkalis


Abstract

This research proposes the use of DevSecOps with the Static Application Security Testing (SAST) approach using the Snyk platform to enhance efficiency and security in the software development process. The SAST methodology enables testing of potential cybersecurity exploits during the system's building and maintenance phases. By employing Snyk, a security scanning platform that can integrate with Integrated Development Environments (IDEs) and support container or cloud-based applications, developers can automatically and comprehensively scan their code. Quantitative testing was conducted by scanning 10 websites of Politeknik Caltex Riau, revealing a total of 1089 vulnerabilities, with the majority falling into the "Low" category. These findings indicate that low-level vulnerabilities dominate the tested systems. Meanwhile, qualitative testing was performed through interviews with programmers as the respondents. During the interviews, programmers stated that the use of Snyk SAST in the development process allowed them to detect security gaps before releasing to the public. They also found Snyk's recommendations and suggestions valuable for making improvements.

Keywords: DevSecOps, Static Application Security Testing (SAST), Snyk, IDE, security vulnerabilities, software development.