Security
3 guides covering security tools
- Static Analysis Beyond Linting: CodeQL, Semgrep, SonarQube, and Snyk Code
  A practical guide to static analysis tools that find security vulnerabilities, logic bugs, and code quality issues that linters miss -- with setup, custom rules, and CI integration.
- Container Security Scanning: Trivy, Grype, Snyk, and Docker Scout
  A practical comparison of container vulnerability scanners covering Trivy, Grype, Snyk Container, and Docker Scout -- with CLI examples, CI integration, and honest trade-offs on speed, coverage, and false positives.
- Developer Security Essentials: From OWASP to Supply Chain Safety
  A hands-on guide to application security for developers -- OWASP Top 10, dependency scanning, secrets management, SAST/DAST tools, and building security into your development workflow.