Presentation: Secure Programming with Static Analysis
Creating secure code is a hard thing to do. The number of things to get right is almost endless and the price for not succeeding can be extremely high.
In this talk, Brian Chess explains how static source code analysis can help find the kinds of errors that lead to vulnerabilities and exploits. Highlights from the talk include:
- The most common security shortcuts and why they lead to security failures
- Why programmers are in the best position to get security right
- Where to look for security problems
- How static analysis helps
- The critical attributes and algorithms that make or break a static analysis tool
- How static analysis works and how to integrate it into software development processes and security code reviews
Along the way, Brian presents examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar errors.
To learn more, spend the next hour on Brian’s presentation: Secure Programming with Static Analysis
Video doesn't seem to work after approximately 30 mins
by
nik jan