BT

Presentation: Secure Programming with Static Analysis

by Niclas Nilsson on Aug 06, 2008 |

Creating secure code is a hard thing to do. The number of things to get right is almost endless and the price for not succeeding can be extremely high.

In this talk, Brian Chess explains how static source code analysis can help finding the kinds of errors that leads to vulnerabilities and exploits. Highlights from the talk include:

  • The most common security shortcuts and why they lead to security failures
  • Why programmers are in the best position to get security right
  • Where to look for security problems
  • How static analysis helps
  • The critical attributes and algorithms that make or break a static analysis tool
  • How static analysis works and how to integrate it into the software development processes and security code reviews.

Along the way, Brian shows examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar errors.

To learn more, spend the next hour on Brian’s presentation: Secure Programming with Static Analysis

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Video doesn't seem to work after approximately 30 mins by nik jan

Nice presentation but couldn't watch all.

Re: Video doesn't seem to work after approximately 30 mins by Guest

I was able to watch the full presentation without any problem. Try dragging the progress indicator over the 30 mins and see what happens.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

2 Discuss

Educational Content

General Feedback
Bugs
Advertising
Editorial
InfoQ.com and all content copyright © 2006-2014 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT