Presented at
AppSec USA 2016,
Oct. 14, 2016, 9:30 a.m.
(60 minutes).
Everybody knows that manual code review can be a tedious and lengthy effort, with complexity growing exponentially with the size of the code. However, understanding code flow and focusing on relevant parts can become much easier when employing interactive debugging techniques. This allows combining the best of penetration testing and code review benefits to achieve maximum results in the most efficient manner. In this talk we will explain and demonstrate this eye-opening technique for effectively performing a manual code review on a live system using a debugger and provide a quick starter kit for implementing this technique.
Presenters:
-
Ofer Maor
- Director of Security Strategy - Synopsys
Ofer Maor is a security expert and entrepreneur with over 20 years of experience in information and application security. Ofer has been involved in application security from its early days, through research, penetration testing, consulting, and product development
As the founder and CTO of Seeker, Ofer pioneered IAST, the next generation of application security testing technology, currently used by some of the largest organizations in the world to continuously improve their software security. Ofer joined Synopsys when it acquired Seeker in July 2015.
Prior to Seeker, Ofer was the Founder and CTO of Hacktics. He led Imperva's Application Defense Center research group and has also served as the Chairman of OWASP Israel and in the OWASP Global Membership Committee.
Links:
Similar Presentations: