Application Security Tutorial Reviews

Showing reviews of the top ranking products in Application Security, containing the term Tutorial
Micro Focus Fortify on Demand: Tutorial
reviewer1345719 says in a Micro Focus Fortify on Demand review
Project Analyst at a financial services firm with 1,001-5,000 employees

It natively supports only a few languages. They can include support for more native languages. The response time from the support team can also be improved. 

They can maybe include video tutorials explaining the remediation process. The remediation process is sometimes not that clear. It would be helpful to have videos. Sometimes, the solution that the tool gives in the GUI is not straightforward to understand for the developer. At present, for any such issues, you have to create a ticket for the support team and request help from the support team.

View full review »
Kiuwan: Tutorial
Felix Esteban says in a Kiuwan review
Head of Development and Consulting at Logalty

The initial setup was very straightforward. It's a cloud solution so after you sign the contract you have the solution. You just need to create the users, do the tutorials, it's simple. There's no deployment because it's a cloud service, you might just need to download a local analyzer.  We have an external consultant who performed the dynamic analysis of our code. 

View full review »
Sonatype Nexus Lifecycle: Tutorial
ConfigManag73548 says in a Sonatype Nexus Lifecycle review
Configuration Manager at a health, wellness and fitness company with 5,001-10,000 employees

They have recently released some online training documentation, because we had to a lot of our own learning. If they had a more comprehensive online tutorial base, both for admin and developers, that would help. It would be good if they actually ran through some scenarios, regarding what happens if I do pick up a vulnerability. How do I fork out into the various decisions? If the vulnerability is not of a severe nature, can I just go ahead with it until it becomes severe? This is important because, obviously, business demands certain deliverables to be ready at a certain time. So, some online tutorials around the administration, around developers, on how to use the tool effectively, would be a good idea.

Where we have extended is that we're using third-party Docker containers. So, we're not just using third-party libraries, but we also have third-party-type Docker containers, or containers from Docker Hub, for example. Somebody else has built the Docker image and we're using the Docker image. Scanning of security and vulnerabilities on that image, specifically, would be useful. It would be good, as we're building an image, or as we're running an image, if we could decompile that image and scan it, to look for any vulnerabilities or any areas where there's been a violation of licensing. For example, we could download a WebLogic container, which could be an infringement of licensing. It's things like that which our developers need to be mindful of. They could simply download any container from Docker Hub, without being aware of the licensing violations or the security vulnerabilities.

View full review »
Snyk: Tutorial
Cameron Gagnon says in a Snyk review
Security Software Engineer at a tech company with 10,001+ employees

Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it. Since I was the one who originally set up Snyk, I have been in charge of evangelizing all the features of it, but that's almost a full-time job, and that's not my entire job. I haven't been able to get all of that information out quite as well as it could be. If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help.

There is so much in there already that it's easy to get a little bit lost, but thankfully they also have great documentation on pretty much all of the features and plugins, to understand them. So it can be up to the person, depending on how much of a self-starter they are, to see an integration and then go poke around and figure out how to get things working.

View full review »