• Like
  • Save

Graph Visualization - OWASP NYC Chapter

  • 210 views
Uploaded on

The presentation that was given by Maty Siman, Checkmarx's CTO during the OWASP NYC/NJ local chapter meeting held on the 11th of April 2013.

The presentation that was given by Maty Siman, Checkmarx's CTO during the OWASP NYC/NJ local chapter meeting held on the 11th of April 2013.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
210
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • That’s a data flow and how each step is reflected at the source code.
  • And then we might have dozens of paths. How can we gain some more information?
  • Let’s combine them together
  • So this place is probably better. More paths get fixed
  • If I fixed that point, what parts will be OK?
  • And what about this one in here?
  • So by fixing only three places in the code, we were able to fix…
  • So by fixing only three places in the code, we were able to fix…
  • So by fixing only three places in the code, we were able to fix…
  • So by fixing only three places in the code, we were able to fix…
  • So by fixing only three places in the code, we were able to fix…
  • … this.

Transcript

  • 1. OWASP NYC MatyTitle in white and bold Siman
  • 2. AboutMaty Siman, CISSPCTO, Founder – Checkmarx: Leading SAST (“Source Code Analysis”) Vendor Hundreds of customers WW Secures SalesForce AppExchange market Title in white and bold “Visionary” by Gartner
  • 3. Graph VisualizationTitle in white and bold
  • 4. Issues at hand – size, complexity, volume The biggest challenge of current source code analysis solutions is size- How to deliver: 1. Usable results 2. Automatically Title in white and bold 3. Out-of-the-box 4. Actionable for extra large code bases with thousands+ of results
  • 5. Issue• Findings thousands accurate results, does not make us happy …• Webgoat, for example, has hundreds of XSS• We’ll narrow this down to 10 fixing placesTitle in white and bold
  • 6. Current situation• Each result has a data flow, presented independently from other findings.Title in white and bold
  • 7. Single Data Flow Path - XSS Request.QueryString*“param1”+;String s = Request.QueryString*“param1”+; … s Response.Write(s); Response.Write(s); Title in white and bold
  • 8. Current situation• One is easy.• And 14?Title in white and bold
  • 9. Many Single-Path – XSS – a lot of workTitle in white and bold
  • 10. But …• What do they have in common?Title in white and bold
  • 11. Combined pathsTitle in white and bold
  • 12. Can we …• Point, click and check without even READING the source code?• “What if I fix here? Or here?”Title in white and bold
  • 13. Here it is more effectiveTitle in white and bold
  • 14. What-If I fix here?Title in white and bold
  • 15. And here?Title in white and bold
  • 16. Automatic “What-if” => Best Fix LocationMax-Flow-Min-Cut (http://en.wikipedia.org/wiki/Max-flow_min-cut_theorem_Title in white and bold
  • 17. Simplifying the graph – step 1 - groupingTitle in white and bold
  • 18. Simplifying the graph – step 2 –homeograph’ing (http://enc.tfode.com/Homeomorphism_(graph_theory))Title in white and bold
  • 19. Simplifying the graph - outputTitle in white and bold
  • 20. Simplifying the graph - outputTitle in white and bold
  • 21. Compare the three Title in white and boldSpace Invader
  • 22. Benefits• Gives you the correlation between findings of the same type (SQLi) and different types.• You are not dealing with individual findings – but with a complete system•Title inyour time bold Use white and better
  • 23. Thank youTitle in white and bold maty@checkmarx.com