Explore an in-depth security audit of the Zephyr codebase using advanced static analysis techniques. Learn about the integration of CodeChecker static analysis support in Zephyr 3.5.0, which incorporates 10 different linters and static analyzers. Discover how deeper static analysis methods are employed to uncover more complex bugs that traditional tools might miss. Gain insights into the Alpha Omega project's efforts to scan, triage, and report bugs in top open-source projects. Compare the thoroughness of this audit to a root canal procedure, emphasizing its comprehensive nature in identifying and addressing potential security vulnerabilities in Zephyr's code.
Overview
Syllabus
A Root Canal Static Analysis Based Audit of Zephyr - Munawar Hafiz, OpenRefactory
Taught by
Linux Foundation
Tags
Related Courses
-
Static & Dynamic Analysis for Technical Testing
-
Application Analysis with SonarQube
-
How to Serve Open Source Maintainers Without Annoying Them
-
Proactively Auditing Open Source Dependencies for Security - Here Is a Clean Section of the Beach
-
Insights from Zephyr Security Audit and Vulnerability Experiences
-
Choosing the Right Static Code Analyzers Based on Hard Data
