C++ Static Analysis with Abbas Sabra
Podcast: Play in new window | Download
Subscribe: RSS
Static analysis is the examination of code without executing the program. It’s used to identify potential errors, code quality issues, security vulnerabilities, and adherence to coding best practices.
Abbas Sabra is a Principal Engineer at Sonar, which creates tools to help developers produce clean code. Abbas specializes in C++ static analysis, and began his career in the financial industry, where he identified inefficiencies within the C++ tooling ecosystem. He joins the show to talk about static analysis and static analysis tool development.
Sean’s been an academic, startup founder, and Googler. He has published works covering a wide range of topics from information visualization to quantum computing. Currently, Sean is Head of Marketing and Developer Relations at Skyflow and host of the podcast Partially Redacted, a podcast about privacy and security engineering. You can connect with Sean on Twitter @seanfalconer.
Sponsorship inquiries: sponsor@softwareengineeringdaily.com
Sponsors
If you lead a development team you know that dev environments often break, causing lost productivity and delaying time-to-market.
OS differences make reproducing software issues tough, even with Docker.
Meanwhile, devices with sensitive source code and permissive network access present huge security challenges, especially in banking, telecommunications, and healthcare.
Because of these issues, organizations often resort to non-developer-friendly solutions like homegrown VMs or VDIs, compromising developer experience for security.
Imagine starting your development environment with one command, knowing it meets all security and compliance needs.
Gitpod makes this a reality.
With Gitpod’s cloud development environments, developers get pre-configured tools, libraries, and access instantly, with zero download time.
Gitpod environments are ephemeral, meaning they are short-lived.
Developers get a new environment if theirs breaks, and security teams rest easy knowing vulnerabilities are contained and destroyed with the click of a button.
Gitpod can be self-hosted and is trusted by over 1 million developers.
Visit www.gitpod.io/sed to get started with 50 hours free per month.
This episode of Software Engineering Daily is brought to you by Retool.
Is your engineering team bogged down with requests for internal tools? Building and maintaining the tools your employees need can be a drain on resources, taking time away from critical business priorities and your roadmap. But your business needs those internal tools—so what if there was a way to build them faster?
Meet Retool, the application development platform designed to supercharge your internal tool building. With Retool, developers can combine the power of traditional software development with an intuitive drag-and-drop UI editor and AI, enabling you to create high quality internal tools in a fraction of the time.
Deploy anywhere, connect to any internal service, and bring in your favorite libraries and toolchains. Retool ensures that every app built is secure, reliable, and easy to share with your team.
Get started today with a free trial at retool.com/sedaily.
WorkOS is a modern identity platform built for B2B SaaS, providing a quicker path to land enterprise deals.
It provides flexible APIs for authentication, user identity, and complex features like SSO and SCIM provisioning.
It’s a drop-in replacement for Auth0 (auth-zero) and supports up to 1 million monthly active users for free. Today, hundreds of high-growth scale-ups are already powered by WorkOS, including ones you probably know, like Vercel, Webflow, Perplexity, and Drata.
Recently, WorkOS announced the acquisition of Warrant, the Fine Grained Authorization service. Warrant’s product is based on a groundbreaking authorization system called Zanzibar, which was originally designed by Google to power Google Docs and YouTube. This enables fast authorization checks at enormous scale while maintaining a flexible model that can be adapted to even the most complex use cases.
If you are currently looking to build Role-Based Access Control or other enterprise features like SAML , SCIM, or user management, check out workos.com/SED to get started for free.