The session will revolve around SAST(static appsec testing). Starting with what SAST is why is it needed. Comparison between SAST and DAST. Then talking about some open-source and enterprise level tools. The speaker will then cover some of the secure coding practices like input validation, output encoding, authentication and password management, access control, memory management. After discussing these, the speaker will share some vulnerable code snippets for the audience which he collected from Twitter and LinkedIn.
Starts at Saturday April 22 2023, 10:30 AM. The sessions runs for about 1 hour.