Loading…
LASCON X has ended
Thursday, October 24 • 11:00am - 12:00pm
Choosing the Right Static Code Analyzers Based on Hard Data

Sign up or log in to save this to your schedule and see who's attending!

Published research shows that static code analysis cost-effectively catches security weaknesses before they become exploitable vulnerabilities. But finding the right code analyzers can be challenging.
This talk will discuss research funded by the U.S. Department of Homeland Security to deliver unbiased methods and information to assess and compare the performance of static analyzer products.
In this talk we introduce a new, freely-available website that presents the results of our research. We will discuss plans to track the types of weaknesses that analyzers can detect to help people quickly find the right analyzer and how to achieve good detection coverage of multiple weaknesses.
We’ll discuss the properties of analyzers important to consider when bringing one (or a few!) into your development pipeline. We’ll also cover plans to benchmark results quality using real code, not artificial data sets. Finally, we’re looking forward to audience feedback on what information or capabilities are important.

Speakers
avatar for Chris Horn

Chris Horn

Senior Researcher, Secure Decisions
Chris Horn is a Senior Researcher at Secure Decisions, an R&D division of Applied Visions, Inc. He has 18 years of experience in research, software systems, and new product development. Currently, he leads cybersecurity research & development projects and focuses on developing technology... Read More →


Thursday October 24, 2019 11:00am - 12:00pm
Contrast Security Room 2525 W Anderson Ln #365, Austin, TX 78757, USA