
Details

The OWASP Victoria chapter is pleased to present our August 2021 event where Sherif Koussa will be delivering a talk on Bringing Order to Static Analysis Security Testing.

The event will be held online on August 26th from 6:00 pm – 7:30 pm.

It will feature Sherif’s talk followed by a Q&A and a draw for a prize (must be a registered member and reside in Canada). Join us for a fun evening of Security Testing and discussions.

Visit our OWASP Chapter to learn more about us at https://owasp.org/www-chapter-victoria/

Speaker: Sherif Koussa
Presentation: Bringing Order to Static Analysis Security Testing (1.5 hr)

Event Details:

Software developers have always been left with two hard choices: either use security tools that are not built for them, or use free/open-source tools that generate too many false positives and have poor coverage. One of the prime reasons for this dilemma is that traditionally the security workload was managed by application security teams who would find vulnerabilities and filter through false positives. Now, with agile development and DevOps workflows, there is no option for developers to opt out of secure development.

New technology called DataLog solves that problem in a fundamentally different way, giving developers new hope. During this presentation we will go over:

• How static code analysis has changed over the years
• How DataLog technology solves some of the inherent problems of static code analysis such as speed, accuracy and coverage
• How concepts like treating code as data, and partial evaluations are changing the game completely

We will also introduce a new static code analysis tool called Reshift which is built on top of open source tools and leverages DataLog technology. Reshift is changing the bad reputation that static code analysis amassed over the years and now developers can finally have it all - accuracy, speed and coverage.

Speaker Bio:

Sherif Koussa is OWASP Ottawa Chapter Co-Leader, Software Developer, Hacker, and founder and CEO of Software Secured (https://www.softwaresecured.com) and Reshift (https://www.reshiftsecurity.com). In addition to contributing to OWASP Ottawa for over 14 years, Sherif contributed to WebGoat and OWASP Cheat Sheets. Sherif also helped the SANS and GIAC organizations launch their GSSP-Java and GSSP-NET exams and contributed a few of their courses. After switching from the software development field to the security field, Sherif took on the mission of supporting developers in shifting security left and shipping more secure code organically. Whether through training, penetration testing as a service or coaching development teams through shifting security, Sherif believes that any AppSec without the developer wouldn’t yield the best results. Sherif’s current venture, Reshift Security, is a static code analysis tool that is built for developers from the IDE, over to the code review and CI phases.


Special thanks to ENKON Information Systems for sponsoring this event. To learn more about them, please visit https://www.enkon.com/
