filmov
tv
What is static code analysis (SCA)? Lars Andrén OWASP SCA Part 1
Показать описание
Source - unvalidated input
Path - tainted data on the move
Sink - tainted data processed
Did you say SQL injection?
Static Code Analysis - Tools aka Source Code Analysis - Tools
Static Code Analysis aka Source Code Analysis
Flow tracing & Pattern matching
Pattern matching - PMD
Pattern matching - sonarQube
Flow tracing
Coffe or tea? (and some Liam stats?)
Who is Lars Andrén?
I am a software engineer by education and work, currently working at security startup Keypasco in Gothenburg. Three intense years of my life was spent developing the SCA "CodeSecure" at the company Armorize in Taipei, Taiwan ROC. Most of my time was spent with the core analyzer, which doesn't make me a bonafide security expert, but does give me a unique insight in the workings of SCA tools. When I don't scan source code I paint Warhammer models that I less and less frequently have time to play with.
Path - tainted data on the move
Sink - tainted data processed
Did you say SQL injection?
Static Code Analysis - Tools aka Source Code Analysis - Tools
Static Code Analysis aka Source Code Analysis
Flow tracing & Pattern matching
Pattern matching - PMD
Pattern matching - sonarQube
Flow tracing
Coffe or tea? (and some Liam stats?)
Who is Lars Andrén?
I am a software engineer by education and work, currently working at security startup Keypasco in Gothenburg. Three intense years of my life was spent developing the SCA "CodeSecure" at the company Armorize in Taipei, Taiwan ROC. Most of my time was spent with the core analyzer, which doesn't make me a bonafide security expert, but does give me a unique insight in the workings of SCA tools. When I don't scan source code I paint Warhammer models that I less and less frequently have time to play with.
0:15:58
What is Static Code Analysis? || Various Examples
0:03:44
What is Static Code Analysis?
0:14:42
What is Static Code Analysis? | AppSec 101
0:01:13
What is static code analysis? in just 1 minute
0:11:08
Static Code Analysis - Best Practices
0:37:37
Static Code Analysis - A Behind-the-scenes Look • Arno Haase • GOTO 2022
0:09:50
How To Write Clean Code With The Help Of Static Code Analysis
0:19:05
Static Code Analysis: Scan All Your Code For Bugs | Synopsys
0:11:00
ISTQB CTAL-ATT Agile Technical Tester | Exam Practice Tests Sample | English
0:14:35
Static Analysis in C++
0:01:51
What Are Polyspace Static Code Analysis Products?
0:00:16
PC-lint Plus | Static Code Analysis for C and C++
0:08:22
SonarQube: How to run Static Code Scanning?
0:04:23
Static code analysis and why Klocwork is different
1:33:53
What is Static Code Analysis?
0:06:32
What Are Static Analysis Tools?
0:03:57
Where dynamic and static code analysis merge
0:36:00
Code analysis -Static and Dynamic
0:01:09
Embold Static Code Analysis
0:12:36
Unlocking The Secrets Of Static Code Analysis
0:34:45
Bug Hunting with Static Code Analysis - Nick Jones
0:02:17
Top 9 C++ Static Code Analysis Tools
0:06:20
Best Static Code Analysis Tools for Java Code Quality Assurance
0:32:06
Unite 2016 - Static Code Analysis: Preventing Bugs and Lag Before They Happen
Комментарии