Explore a new method for detecting potential vulnerabilities in aspect-oriented web applications through this 37-minute conference talk from AppSecUSA 2017. Delve into the challenges of securing web applications written in aspect-oriented languages like AspectJ, and learn how static tainting analysis can be applied to identify security flaws. Examine key concepts such as joint points, aspects, logging, point cuts, taint analysis, and sanitization. Gain insights from speaker Evan H. Dygert, a seasoned consultant with over 30 years of experience in software development and security. Understand why traditional vulnerability detection tools fall short for aspect-oriented programming and discover innovative approaches to enhance the security of these applications.
A Static Tainting Analysis Method for Aspect-Oriented Programs
Overview
Syllabus
Introduction
Joint Points
Aspect
Logging
Point Cuts
Taint Analysis
Sanitization
Taught by
OWASP Foundation
Related Courses
-
Application Security for Developers
-
Application Analysis with SonarQube
-
Application Security for Developers and DevOps Professionals
-
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
-
ConDySTA - Context-Aware Dynamic Supplement to Static Taint Analysis
-
Application Security and Monitoring
