Explore how Indeed combined static source analysis and dynamic scanning to create a more robust vulnerability detection solution in this 37-minute LASCON conference talk. Learn about the limitations of traditional methods for finding potential vulnerabilities in source code, including excessive false positives and missed endpoints. Discover WES, a tool developed by Indeed that analyzes source code to extract endpoints, eliminating the need for crawlers and improving the effectiveness of dynamic vulnerability scanners. Gain insights into how this innovative approach can enhance your application security pipeline and benefit from Indeed's work in combining static code analysis with dynamic scanning techniques.
Improving Dynamic Vulnerability Scanners with Static Code Analysis
Overview
Syllabus
2017 - Improving dynamic vulnerability scanners with static code analysis - Caleb Coffie
Taught by
LASCON
Related Courses
-
Using Security Analysis Tools to Protect ASP.NET and ASP.NET Core Applications
-
Developer Security Champion: Vulnerability Testing
-
Application Security for Developers
-
Application Analysis with SonarQube
-
Static Analysis for Dynamic Assessments - OWASP AppSecUSA 2014
-
Application Security for Developers and DevOps Professionals
