Dates
Conferences
Tags
Sort by:
Most recent
Conference: Global AppSec Dublin 2023
Authors: Dr. Luca Compagna
2023-02-16
tldr - powered by Generative AI
The presentation discusses the challenges of using commercial and open source tools for static analysis of code vulnerabilities and proposes a framework for improving the effectiveness of such tools.
- Commercial and open source tools for static analysis of code vulnerabilities have limitations in detecting all vulnerabilities
- The presented framework involves using patterns and discovery rules to improve the effectiveness of static analysis tools
- Transformation experiments were conducted to improve the testability of patterns
- The framework can be improved by adding custom rules and integrating other open source tools
- The community is invited to contribute to the project and help improve the framework
Conference: OWASP 20th Anniversary Event
Authors: Ran Klein, Eitan Worcel
2021-09-24
tldr - powered by Generative AI
The presentation discusses the benefits of using correlation in cybersecurity and DevOps to reduce the amount of work needed to resolve issues and prioritize them.
- Using correlation can reduce the amount of work needed to resolve issues and prioritize them
- Correlation can consolidate multiple issues into a single one
- Data-driven prioritization and remediation can be achieved through correlation
- Actual numbers show a significant reduction in the amount of issues after consolidation
- The industry now focuses on fixing issues rather than just detecting them