YoVDO

Automated Finding Correlation: SAST, DAST, and IAST Overlap in Application Security

Offered By: OWASP Foundation via YouTube

Tags

Software Security Courses SAST Courses DAST Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the overlap between different scanning technologies in this insightful conference talk. Delve into the automated correlation of findings from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST). Discover the unique advantages of each technology and learn whether a single solution can address all security needs. Gain valuable insights into the commonalities and differences in vulnerability detection across these tools, and understand how leveraging multiple technologies can streamline the remediation process. Examine real-world results from the OWASP Benchmark project, providing context for the effectiveness of each approach. Uncover the benefits of automated correlation for both developers and security experts, and explore how this knowledge can reduce workload and accelerate vulnerability resolution.

Syllabus

Intro
Why adding IAST?
Auto Correlations - Goal
OWASP Benchmark - Context
OWASP Benchmark - Process
OWASP Benchmark - Results
Pulling the Curtain
OWASP Benchmark - The Report


Taught by

OWASP Foundation

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera
Engineering Maintainable Android Apps
Vanderbilt University via Coursera
Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera
Secure Software Development
Pluralsight
Secure Software Concepts for CSSLPĀ®
Pluralsight