Explore a conference talk from AppSecUSA 2014 that delves into dynamic source-sink analysis for Java applications. Learn about a project that originated from a challenge at AppSec EU in Hamburg, demonstrating log manipulation detection on the command line. Discover how this proof-of-concept evolved into a tool aimed at helping developers identify security vulnerabilities through live source-sink analysis. Understand the project's dependency on code coverage and its intended use in non-production environments. Gain insights from Steven van der Baan, a Principal Consultant at 7Safe, as he shares his expertise in security consulting, software architecture, and Java development.
Dynamic Source-Sink Analysis for Java Applications - From the Ground Up
Overview
Syllabus
From the Ground Up - OWASP AppSecUSA 2014
Taught by
OWASP Foundation
Related Courses
-
DevSecOps Fundamentals
-
Static Analysis for Dynamic Assessments - OWASP AppSecUSA 2014
-
11,000 Voices - Experts Shed Light on 4-Year Open Source and AppSec Survey
-
IEEE Computer Society's Center for Secure Design - Helping Design More Secure Software
-
QARK: Android App Exploit and Static Code Analysis Tool
-
Stop Chasing Vulnerabilities - Introducing Continuous Application Security
