Overview
Explore a new method for detecting potential vulnerabilities in aspect-oriented web applications through this 37-minute conference talk from AppSecUSA 2017. Delve into the challenges of securing web applications written in aspect-oriented languages like AspectJ, and learn how static tainting analysis can be applied to identify security flaws. Examine key concepts such as joint points, aspects, logging, point cuts, taint analysis, and sanitization. Gain insights from speaker Evan H. Dygert, a seasoned consultant with over 30 years of experience in software development and security. Understand why traditional vulnerability detection tools fall short for aspect-oriented programming and discover innovative approaches to enhance the security of these applications.
Syllabus
Introduction
Joint Points
Aspect
Logging
Point Cuts
Taint Analysis
Sanitization
Taught by
OWASP Foundation