Desenvolvimento seguro no desenvolvimento de software. Aplicar segurança também na infraestrutura como código e outros artefatos das tecnologias que usamos.
computer software that is performed without actually executing programs, in contrast with dynamic analysis, which is analysis performed on programs while they are executing Wikipedia
Insufficient identity, credential, access and key management 5. Account hijacking 6. Man in the middle (MITM) 7 Insecure interfaces and APIs 8. Weak control plane 9. Limited cloud usage visibility 10. Abuse and nefarious use of cloud services Cloud Security Top threats 30
that scans workloads and configurations in development and protect workloads and configurations at runtime CSPM DevSecOps CWPP 35 2020 Market Guide for CWPP, Apr. 2020, by Neil MacDonald and Tom Croll