JAX | 11-15 May 2020, Mainz

Code Analysis Reinvented: boosting Software Security and Privacy

This talk is from the archive.
Tuesday, 7 November 2017
15:00 - 16:00

Static program analysis is the analysis of software at compile time without executing it. Static analyzers allow various actors of the Software Development Lifecycle to proactively detect software issues such as security vulnerabilities (e.g., SQL injections) and leaks of private information. However, in the Java world, most of the commercial tools perform syntactic analyses that provide superficial feedback, and their use is often seen as “too much pain, too little gain”.

In this talk, we will discuss and demo various syntactic and semantic static analyses presenting different applications of these tools. We will explore the possibilities new techniques offer from the point of view of efficiency and precision, in particular when it comes to security vulnerability and data leakage detection. Finally, we will look into how these tools can be used to support IT teams’ efforts in complying with the new European GDPR regulation, effective in May 2018.
