I will be presenting to OWASP San Antonio about Static Analysis Thursday January 31st. If you are in town please drop by and check it out. Full details below or on the OWASP San Antonio page.
San Antonio OWASP Chapter: January 2008 Meeting
Topic: Static Analysis Techniques for Testing Application Security
Presenter: Dan Cornell
Date: January 31st, 11:30am – 1:00pm
San Antonio Technology Center (Web Room)
3463 Magic Drive
San Antonio, TX 78229
Static Analysis of software refers to examining source code and other software artifacts without executing them. This presentation looks at how these techniques can be used to identify security defects in applications. Approaches examined will range from simple keyword search methods used to identify calls to banned functions through more sophisticated data flow analysis used to identify more complicated issues such as injection flaws. In addition, a demonstration will be given of two freely-available static analysis tools: FindBugs for the Java platform and FXCop for the .NET platform. Finally, some approaches will be presented on how organizations can start using static analysis tools as part of their development and quality assurance processes.
Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.
Please RSVP: E-mail owasprsvp _at_ denimgroup.com or call (210) 572-4400.