
Hybrid Analysis Mapping: Making Security and Java Developer Tools Play Nice Together

Java developers want to write code, and security testers want to break it. The problem is that security testers need to know more about the code to test it well, and developers need to be able to quickly address the problems testers find. This presentation looks at both groups and their toolsets and explores ways they can help each other out. Using open source examples built on OWASP ZAP, ThreadFix, and Eclipse, it walks through the process of seeding web application scans with knowledge gleaned from code analysis, as well as the mapping of dynamic scan results to specific lines of code in Java developers’ IDEs.

Author: Dan Cornell

Dan Cornell has over fifteen years of experience architecting and developing web-based software systems. As CTO of Denim Group, he leads the organization’s technology team, overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.

Dan Cornell has served as the CTO of BrandDefense, as founder and Vice President of Engineering for Atension prior to its acquisition by Rare Medium, Inc., and as the Vice President, Global Competency Leader for Rare Medium’s Java and Unix Competency Center. Cornell has also developed simulation applications for the Air Force with Southwest Research Institute. In March 1999, Texas Monthly Magazine named Cornell and his partners, Sheridan Chambers and Tyson Weihs, to its list of 30 Multimedia Whizzes Under Thirty doing business in Texas. He has published papers on topics ranging from data security to high-end graphical simulations, as well as an IBM Redbook on building server-side Java applications for the Linux platform. He has also been published by the Association of Computing Machinery and the Society of Computing Simulation International.

Dan was the founding coordinator and chairman for the Java Users Group of San Antonio (JUGSA) and is currently the San Antonio Open Web Application Security Project (OWASP) chapter leader. Dan also serves on the advisory board of Trinity University’s Department of Computer Science. He is a recognized expert in the area of web application security for SearchSoftwareQuality.com and the original author of ThreadFix, Denim Group's open source application vulnerability management platform. Dan holds a Bachelor of Science degree with Honors in Computer Science and graduated Magna Cum Laude from Trinity University.

View more trainings by Dan Cornell at https://www.parleys.com/author/dan-cornell

Find more related tutorials at https://www.parleys.com/category/developer-training-tutorials