IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Charlas Invitadas > 2019 > Automated Security Code Analysis Made Easy
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Julian Thomé

viernes 11 de enero de 2019

10:45am Meeting room 302 (Mountain View), level 3

Julian Thomé, Junior researcher, places.SL

Automated Security Code Analysis Made Easy

Abstract:

Security auditing, i.e., the examination of the source code for the purpose of detecting vulnerabilities, helps to detect vulnerabilities during the early phases of software development. When performed manually, this task can be laborious, error-prone and does not scale to large software systems. Over the course of the last years, a lot of research has been done with regard to approaches in the areas of Static Analysis, Symbolic Execution and Constraint Solving which aim to make security auditing more effective and cost-efficient. In this presentation, we will see how we at ShiftLeft automate security auditing by using a pragmatic approach, i.e., the combination of techniques proposed by the research community and security expert knowledge, which allows us to support different languages/frameworks and scale to large software systems. We will also see some examples with a live demonstration of our security auditing tool Ocular.