Overview
Explore how Indeed combined static source analysis and dynamic scanning to create a more robust vulnerability detection solution in this 37-minute LASCON conference talk. Learn about the limitations of traditional methods for finding potential vulnerabilities in source code, including excessive false positives and missed endpoints. Discover WES, a tool developed by Indeed that analyzes source code to extract endpoints, eliminating the need for crawlers and improving the effectiveness of dynamic vulnerability scanners. Gain insights into how this innovative approach can enhance your application security pipeline and benefit from Indeed's work in combining static code analysis with dynamic scanning techniques.
Syllabus
2017 - Improving dynamic vulnerability scanners with static code analysis - Caleb Coffie
Taught by
LASCON