Best of Both Worlds: Correlating Static and Dynamic Analysis Results

Jeremiah Grossman
Founder & CEO at Undisclosed
Mar. 11, 2010
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
Best of Both Worlds: Correlating Static and Dynamic Analysis Results
1 of 43

Best of Both Worlds: Correlating Static and Dynamic Analysis Results

Mar. 11, 2010
Download to read offline
Technology

One of the only guarantees in life is that the first time you analyze a piece of software for security vulnerabilities, you're going to find them. Whether you’re using static or dynamic analysis, prioritizing defects for remediation can strain any organization. This session will demonstrate methods for integrating analysis techniques and show how a combined approach gives better results.

Jeremiah Grossman
Founder & CEO at Undisclosed

Recommended

Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Jeremiah Grossman2.1K views34 slides
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman2.6K views29 slides
No More Snake Oil: Why InfoSec Needs Security GuaranteesNo More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security GuaranteesJeremiah Grossman4.6K views39 slides
WhiteHat Security 8th Website Security Statistics ReportWhiteHat Security 8th Website Security Statistics Report
WhiteHat Security 8th Website Security Statistics ReportJeremiah Grossman1.5K views14 slides
2014-15 Cybersecurity Venture Funding and M&A2014-15 Cybersecurity Venture Funding and M&A
2014-15 Cybersecurity Venture Funding and M&ANick Normile1K views14 slides
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryAccenture Insurance494 views12 slides

More Related Content

What's hot

SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSilicon Valley Bank4.9K views4 slides
Improve your security, minister tells major firmsImprove your security, minister tells major firms
Improve your security, minister tells major firmsJohn Davis144 views6 slides
FRISS_Insurance fraud report 2020 FRISS_Insurance fraud report 2020
FRISS_Insurance fraud report 2020 FinTech Belgium215 views15 slides
Cyber_security_survey201415_2Cyber_security_survey201415_2
Cyber_security_survey201415_2Stephanie Crates338 views12 slides
The cyber-chasm: How the disconnect between the C-suite and security endanger...The cyber-chasm: How the disconnect between the C-suite and security endanger...
The cyber-chasm: How the disconnect between the C-suite and security endanger...The Economist Media Businesses391 views25 slides
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise The Economist Media Businesses307 views5 slides

What's hot(16)

SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
Silicon Valley Bank4.9K views
Improve your security, minister tells major firmsImprove your security, minister tells major firms
Improve your security, minister tells major firms
John Davis144 views
FRISS_Insurance fraud report 2020 FRISS_Insurance fraud report 2020
FRISS_Insurance fraud report 2020
FinTech Belgium215 views
Cyber_security_survey201415_2Cyber_security_survey201415_2
Cyber_security_survey201415_2
Stephanie Crates338 views
The cyber-chasm: How the disconnect between the C-suite and security endanger...The cyber-chasm: How the disconnect between the C-suite and security endanger...
The cyber-chasm: How the disconnect between the C-suite and security endanger...
The Economist Media Businesses391 views
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise
The Economist Media Businesses307 views
Ghostery Enterprise - Best Practices White PaperGhostery Enterprise - Best Practices White Paper
Ghostery Enterprise - Best Practices White Paper
Ghostery, Inc.932 views
Ghostery Enterprise Security StudyGhostery Enterprise Security Study
Ghostery Enterprise Security Study
Ghostery, Inc.2.2K views
Reasons to be secureReasons to be secure
Reasons to be secure
Meg Weber394 views
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Report
accenture21.4K views
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the game
Franco Ferrario1.7K views
5 things digital media companies need to do now5 things digital media companies need to do now
5 things digital media companies need to do now
Grant Thornton LLP3.7K views
Under cyber attack: EY's Global information security survey 2013Under cyber attack: EY's Global information security survey 2013
Under cyber attack: EY's Global information security survey 2013
EY3K views
2016 Global data valuation survey2016 Global data valuation survey
2016 Global data valuation survey
Brunswick Group3.6K views
How boards can lead the cyber-resilient organisation How boards can lead the cyber-resilient organisation
How boards can lead the cyber-resilient organisation
The Economist Media Businesses379 views
Digital Resilience flipbookDigital Resilience flipbook
Digital Resilience flipbook
James Fintain Lawler149 views

Similar to Best of Both Worlds: Correlating Static and Dynamic Analysis Results

Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chanceDr. Anish Cheriyan (PhD)1.7K views45 slides
OWASP: Building Secure Web AppsOWASP: Building Secure Web Apps
OWASP: Building Secure Web Appsmlogvinov222 views25 slides
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core Security Technologies279 views19 slides
Security assessment with a hint of CISSP PrepSecurity assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP PrepEnterpriseGRC Solutions, Inc.1.7K views37 slides
How PCI And PA DSS will change enterprise applicationsHow PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applicationsBen Rothke683 views24 slides
Application Portfolio Risk Ranking: Banishing FUD With Structure and NumbersApplication Portfolio Risk Ranking: Banishing FUD With Structure and Numbers
Application Portfolio Risk Ranking: Banishing FUD With Structure and NumbersDenim Group659 views28 slides

Similar to Best of Both Worlds: Correlating Static and Dynamic Analysis Results(20)

Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
Dr. Anish Cheriyan (PhD)1.7K views
OWASP: Building Secure Web AppsOWASP: Building Secure Web Apps
OWASP: Building Secure Web Apps
mlogvinov222 views
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
Core Security Technologies279 views
Security assessment with a hint of CISSP PrepSecurity assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP Prep
EnterpriseGRC Solutions, Inc.1.7K views
How PCI And PA DSS will change enterprise applicationsHow PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applications
Ben Rothke683 views
Application Portfolio Risk Ranking: Banishing FUD With Structure and NumbersApplication Portfolio Risk Ranking: Banishing FUD With Structure and Numbers
Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers
Denim Group659 views
Software Security InitiativesSoftware Security Initiatives
Software Security Initiatives
Marco Morana4.5K views
Continuous Application Security at Scale with IAST and RASP -- Transforming D...Continuous Application Security at Scale with IAST and RASP -- Transforming D...
Continuous Application Security at Scale with IAST and RASP -- Transforming D...
Jeff Williams2.4K views
Web Application Security Vulnerability Management FrameworkWeb Application Security Vulnerability Management Framework
Web Application Security Vulnerability Management Framework
jpubal3.5K views
Get Ready for Web Application Security TestingGet Ready for Web Application Security Testing
Get Ready for Web Application Security Testing
Alan Kan3K views
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
Andrew Kanikuru144 views
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs Whitelisting
Invincea, Inc.1.6K views
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩
baoyin667 views
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Alan Kan4K views
IBM Rational AppScan Product OverviewIBM Rational AppScan Product Overview
IBM Rational AppScan Product Overview
Ashish Patel1.2K views
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
Threat Stack3.3K views
Security-testing presentationSecurity-testing presentation
Security-testing presentation
Ezhilan Elangovan (Eril)399 views
Software Security EngineeringSoftware Security Engineering
Software Security Engineering
Marco Morana3.4K views
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Denim Group834 views
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
pbink82 views

More from Jeremiah Grossman

All these vulnerabilities, rarely matterAll these vulnerabilities, rarely matter
All these vulnerabilities, rarely matterJeremiah Grossman305 views30 slides
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare SectorJeremiah Grossman275 views25 slides
The Attack Surface of the Healthcare IndustryThe Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare IndustryJeremiah Grossman560 views28 slides
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensExploring the Psychological Mechanisms used in Ransomware Splash Screens
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensJeremiah Grossman661 views20 slides
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About RansomwareJeremiah Grossman2.5K views52 slides
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About RansomwareJeremiah Grossman3.8K views49 slides

More from Jeremiah Grossman(20)

All these vulnerabilities, rarely matterAll these vulnerabilities, rarely matter
All these vulnerabilities, rarely matter
Jeremiah Grossman305 views
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Jeremiah Grossman275 views
The Attack Surface of the Healthcare IndustryThe Attack Surface of the Healthcare Industry
The Attack Surface of the Healthcare Industry
Jeremiah Grossman560 views
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensExploring the Psychological Mechanisms used in Ransomware Splash Screens
Exploring the Psychological Mechanisms used in Ransomware Splash Screens
Jeremiah Grossman661 views
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
Jeremiah Grossman2.5K views
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
Jeremiah Grossman3.8K views
Next Generation Endpoint Prtection Buyers GuideNext Generation Endpoint Prtection Buyers Guide
Next Generation Endpoint Prtection Buyers Guide
Jeremiah Grossman815 views
Can Ransomware Ever Be Defeated?Can Ransomware Ever Be Defeated?
Can Ransomware Ever Be Defeated?
Jeremiah Grossman749 views
Ransomware is Here: Fundamentals Everyone Needs to KnowRansomware is Here: Fundamentals Everyone Needs to Know
Ransomware is Here: Fundamentals Everyone Needs to Know
Jeremiah Grossman4K views
Web Application Security Statistics Report 2016Web Application Security Statistics Report 2016
Web Application Security Statistics Report 2016
Jeremiah Grossman1.5K views
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
Jeremiah Grossman6.2K views
WhiteHat’s Website Security Statistics Report 2015WhiteHat’s Website Security Statistics Report 2015
WhiteHat’s Website Security Statistics Report 2015
Jeremiah Grossman5.1K views
WhiteHat Security 2014 Statistics Report ExplainedWhiteHat Security 2014 Statistics Report Explained
WhiteHat Security 2014 Statistics Report Explained
Jeremiah Grossman1.4K views
WhiteHat 2014 Website Security Statistics ReportWhiteHat 2014 Website Security Statistics Report
WhiteHat 2014 Website Security Statistics Report
Jeremiah Grossman3.1K views
Million Browser BotnetMillion Browser Botnet
Million Browser Botnet
Jeremiah Grossman6.9K views
WhiteHat Security Website Statistics [Full Report] (2013)WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)
Jeremiah Grossman3K views
Top Ten Web Hacking Techniques of 2012Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012
Jeremiah Grossman3.9K views
WhiteHat’s 12th Website Security Statistics [Full Report]WhiteHat’s 12th Website Security Statistics [Full Report]
WhiteHat’s 12th Website Security Statistics [Full Report]
Jeremiah Grossman3.1K views
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
Jeremiah Grossman936 views
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)
Jeremiah Grossman5.7K views

Recently uploaded

Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computersSpeck&Tech83 views20 slides
info_session_gdsc_tmsl .pptxinfo_session_gdsc_tmsl .pptx
info_session_gdsc_tmsl .pptxNikitaSingh74151830 views22 slides
Take Control of Podcasting thanks to Open Source and Podcasting 2.0Take Control of Podcasting thanks to Open Source and Podcasting 2.0
Take Control of Podcasting thanks to Open Source and Podcasting 2.0🎙 Benjamin Bellamy64 views59 slides
Easy Salesforce CI/CD with Open Source Only - Dreamforce 23Easy Salesforce CI/CD with Open Source Only - Dreamforce 23
Easy Salesforce CI/CD with Open Source Only - Dreamforce 23NicolasVuillamy1343 views39 slides
Cloud Composer workshop at Airflow Summit 2023.pdfCloud Composer workshop at Airflow Summit 2023.pdf
Cloud Composer workshop at Airflow Summit 2023.pdfLeah Cole89 views80 slides
LLaMA 2.pptxLLaMA 2.pptx
LLaMA 2.pptxRkRahul1636 views19 slides

Recently uploaded(20)

Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computers
Speck&Tech83 views
info_session_gdsc_tmsl .pptxinfo_session_gdsc_tmsl .pptx
info_session_gdsc_tmsl .pptx
NikitaSingh74151830 views
Take Control of Podcasting thanks to Open Source and Podcasting 2.0Take Control of Podcasting thanks to Open Source and Podcasting 2.0
Take Control of Podcasting thanks to Open Source and Podcasting 2.0
🎙 Benjamin Bellamy64 views
Easy Salesforce CI/CD with Open Source Only - Dreamforce 23Easy Salesforce CI/CD with Open Source Only - Dreamforce 23
Easy Salesforce CI/CD with Open Source Only - Dreamforce 23
NicolasVuillamy1343 views
Cloud Composer workshop at Airflow Summit 2023.pdfCloud Composer workshop at Airflow Summit 2023.pdf
Cloud Composer workshop at Airflow Summit 2023.pdf
Leah Cole89 views
LLaMA 2.pptxLLaMA 2.pptx
LLaMA 2.pptx
RkRahul1636 views
Orchestration, Automation and Virtualisation Maturity ModelOrchestration, Automation and Virtualisation Maturity Model
Orchestration, Automation and Virtualisation Maturity Model
CSUC - Consorci de Serveis Universitaris de Catalunya69 views
Announcing InfluxDB ClusteredAnnouncing InfluxDB Clustered
Announcing InfluxDB Clustered
InfluxData64 views
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
TrustArc153 views
sap.pptxsap.pptx
sap.pptx
SAP26 views
Getting your enterprise ready for Microsoft 365 CopilotGetting your enterprise ready for Microsoft 365 Copilot
Getting your enterprise ready for Microsoft 365 Copilot
Vignesh Ganesan I Microsoft MVP146 views
Google Cloud Study Jams Info SessionGoogle Cloud Study Jams Info Session
Google Cloud Study Jams Info Session
GDSCPCCE62 views
web test repair.pptxweb test repair.pptx
web test repair.pptx
YuanzhangLin40 views
Common WordPress APIs - Options APICommon WordPress APIs - Options API
Common WordPress APIs - Options API
Jonathan Bossenger28 views
ISO Survey 2022: ISO 27001 certificates (ISMS)ISO Survey 2022: ISO 27001 certificates (ISMS)
ISO Survey 2022: ISO 27001 certificates (ISMS)
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001108 views
Experts Live Europe 2023 - Ensure your compliance in Microsoft Teams with Mic...Experts Live Europe 2023 - Ensure your compliance in Microsoft Teams with Mic...
Experts Live Europe 2023 - Ensure your compliance in Microsoft Teams with Mic...
Jasper Oosterveld77 views
Future of SkillsFuture of Skills
Future of Skills
Alison B. Lowndes64 views
Google cloud Study Jam 2023.pptxGoogle cloud Study Jam 2023.pptx
Google cloud Study Jam 2023.pptx
GDSCNiT311 views
How is AI changing journalism? Strategic considerations for publishers and ne...How is AI changing journalism? Strategic considerations for publishers and ne...
How is AI changing journalism? Strategic considerations for publishers and ne...
Damian Radcliffe86 views
Accelerating Data Science through Feature Platform, Transformers, and GenAIAccelerating Data Science through Feature Platform, Transformers, and GenAI
Accelerating Data Science through Feature Platform, Transformers, and GenAI
FeatureByte165 views

Best of Both Worlds: Correlating Static and Dynamic Analysis Results