HOPE 2020 (2020): "Weaknesses in Security Testing" (Download)

Name: HOPE 2020 (2020): 'Weaknesses in Security Testing' (Download)
Price: 0.99 USD
Availability: InStock

$0.99

{{option.name}}: {{selected_options[option.position]}}

2600 Magazine

View Store

Monday, July 27, 2020: 2000. Automation in security testing is critical to secure the rapidly growing amount of software being developed. As much as you might be led to believe that security tools have this covered, there are clearly areas that current solutions have challenges with. SAST, DAST, IAST, RASP, etc. tools all have their place, but we consistently see systems that use all of these and still have exploitable vulnerabilities. In fact, there is evidence to show that more than half of all software vulnerability types cannot be discovered using security tooling alone. As software development techniques evolve, security tools often have trouble keeping up. This talk will include a number of specific vulnerability types that security tools often struggle to find, and how you can exploit these gaps. For example, tools are notorious for missing Insecure Direct Object Reference (IDOR) weaknesses. The information presented is a result of commercial product penetration test engagements

Show More Show Less

HOPE 2020 (2020): "Weaknesses in Security Testing" (Download)

2600 Magazine

HOPE 2020 (2020): "In the Beginning" (Download)

HOPE 2020 (2020): "Keynote: Yeshimabeit Milner" (Download)

HOPE 2020 (2020): "Keynote: Idalin Bobé" (Download)

HOPE 2020 (2020): "Keynote: Libby Liu" (Download)