Supporting Programme 2018
Juliasoft - Hunting Software Security Vulnerabilities and Privacy Leaks with Semantic Static Analysis
Preventing software security vulnerabilities (like SQL injections and XSSs) and leaks of sensitive data is definitely one of the main concerns of IT companies. For instance, data breaches (often caused by security flaws in the software) are nowadays one of the most impacting incidents that can heavily affect the reputation and business of these companies. A common way to discover and fix these vulnerabilities is through different types of (e.g., penetration) testing. However, such approach can discover only a portion of the existing vulnerabilities, since it cannot exhaustively execute the software. Semantic static analysis indeed can achieve a quite higher coverage since it does not need to build up test cases to execute the software.
In this talk, we will
* introduce what is static analysis and its different types (semantic, syntactic),
* show how it can be applied to discover security vulnerabilities and privacy leaks, and
* discuss what feedback advanced static analysis can provide to developers, project managers, and CISOs.
--- Date: 09.10.2018 Time: 11:00 AM - 11:20 AM Location: Forum I10 - International