Find Insecure Code With CodeQL Before You Commit
You have a bunch of code to commit for your Docker image so that you can update your app that runs in Amazon EKS. STOP! First scan your source code with CodeQL before you commit and push!
The Solution
In this tutorial, we’ll go over scanning C# source code for vulnerabilities in a development environment using the CodeQL CLI.
Remember, for any example solution from AWS with .NET, we focus on the code that exemplifies the problem we are trying to solve. We don’t include logging, input validation, exception handling, etc., and we embed the configuration data within classes instead of using environment variables, configuration files, key/value stores and the like. These items should not be skipped for proper solutions.
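As an added example (not code from the original post or from AWS), here is a minimal pre-commit gate around the CodeQL CLI: it builds a CodeQL database for a C# project, runs GitHub's standard `codeql/csharp-queries` pack, and fails the commit if the SARIF output contains any warning-level or higher finding. It assumes the `codeql` binary is on PATH and that `dotnet build` builds the project; the database and SARIF paths are hypothetical.

```python
# Added example: pre-commit gate around the CodeQL CLI for a C# project.
# Assumptions: `codeql` is on PATH, `dotnet build` builds the project,
# and the .codeql-db / codeql-results.sarif paths are hypothetical.
import json
import subprocess
import sys
from pathlib import Path

# SARIF result levels, ordered by severity.
LEVELS = {"note": 0, "warning": 1, "error": 2}


def codeql_commands(src: Path, db: Path, sarif: Path) -> list[list[str]]:
    """CodeQL CLI invocations: extract a C# database by tracing the build,
    then run the standard csharp query pack and write SARIF results."""
    return [
        ["codeql", "database", "create", str(db), "--language=csharp",
         f"--source-root={src}", "--command=dotnet build", "--overwrite"],
        ["codeql", "database", "analyze", str(db), "codeql/csharp-queries",
         "--format=sarif-latest", f"--output={sarif}"],
    ]


def sarif_findings(sarif_text: str, min_level: str = "warning") -> list[str]:
    """Flatten SARIF results at or above min_level into 'file:line rule' lines.
    A result without an explicit `level` defaults to warning, as SARIF specifies."""
    out = []
    for run in json.loads(sarif_text).get("runs", []):
        for r in run.get("results", []):
            if LEVELS.get(r.get("level", "warning"), 1) < LEVELS[min_level]:
                continue
            loc = (r.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "?")
            line = loc.get("region", {}).get("startLine", "?")
            out.append(f"{uri}:{line} {r.get('ruleId', '?')}")
    return out


def main(src: str = ".") -> int:
    db, sarif = Path(".codeql-db"), Path("codeql-results.sarif")
    for cmd in codeql_commands(Path(src), db, sarif):
        subprocess.run(cmd, check=True)   # abort on extractor/analysis failure
    hits = sarif_findings(sarif.read_text())
    for h in hits:
        print("CodeQL:", h)
    return 1 if hits else 0   # non-zero exit makes git abort the commit


if __name__ == "__main__":
    sys.exit(main(*sys.argv[1:]))
```

Save it as `.git/hooks/pre-commit` (executable) and the scan runs on every commit; the SARIF file can also be uploaded to GitHub code scanning unchanged.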