YoVDO

Improving Dynamic Vulnerability Scanners with Static Code Analysis

Offered By: LASCON via YouTube

Tags

Web Application Security Courses Static Code Analysis Courses Source Code Analysis Courses

Course Description

Overview

Explore how Indeed combined static source analysis and dynamic scanning to create a more robust vulnerability detection solution in this 37-minute LASCON conference talk. Learn about the limitations of traditional methods for finding potential vulnerabilities in source code, including excessive false positives and missed endpoints. Discover WES, a tool developed by Indeed that analyzes source code to extract endpoints, eliminating the need for crawlers and improving the effectiveness of dynamic vulnerability scanners. Gain insights into how this innovative approach can enhance your application security pipeline and benefit from Indeed's work in combining static code analysis with dynamic scanning techniques.

Syllabus

2017 - Improving dynamic vulnerability scanners with static code analysis - Caleb Coffie


Taught by

LASCON

Related Courses

Secure Android App Development
University of Southampton via FutureLearn DevSecOps: Building a Secure Continuous Delivery Pipeline
LinkedIn Learning Microsoft DevOps Solutions: Developing Security and Compliance
Pluralsight Using Security Analysis Tools to Protect ASP.NET and ASP.NET Core Applications
Pluralsight DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight