Dynamic Source-Sink Analysis for Java Applications - From the Ground Up
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a conference talk from AppSecUSA 2014 that delves into dynamic source-sink analysis for Java applications. Learn about a project that originated from a challenge at AppSec EU in Hamburg, demonstrating log manipulation detection on the command line. Discover how this proof-of-concept evolved into a tool aimed at helping developers identify security vulnerabilities through live source-sink analysis. Understand the project's dependency on code coverage and its intended use in non-production environments. Gain insights from Steven van der Baan, a Principal Consultant at 7Safe, as he shares his expertise in security consulting, software architecture, and Java development.
Syllabus
From the Ground Up - OWASP AppSecUSA 2014
Taught by
OWASP Foundation
Related Courses
Hardening Java's Access Control by Abolishing Implicit Privilege ElevationIEEE via YouTube BaRMIe - Poking Java’s Back Door
44CON Information Security Conference via YouTube Penetration Testing Considered Harmful
44CON Information Security Conference via YouTube New Exploit Technique in Java Deserialization Attack
Black Hat via YouTube An In-Depth Study of More Than Ten Years of Java Exploitation
Association for Computing Machinery (ACM) via YouTube