The Power of Static Analysis: Strengthening Application Security from Code Scrutiny, Josh Goldberg - ASW #233

Application Security Weekly (Audio)

English - March 21, 2023 17:30 - 1 hour - 177 MB - ★★★★★ - 11 ratings
Technology News Tech News devops sdlc applicationsecurityweekly appsec decryption devsecops Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: ASW #232 - Josh Grossman

Next Episode: AI in Production: Unveiling Use Cases, Security Risks, and Real-Life Experiences, Frank Catucci - ASW #234

Static analysis is the art of scrutinizing your code without building or running it. Common static analysis tools are formatters (which change whitespace and other trivia), linters (which detect likely best practice and style issues), and type checkers (which detect likely bugs). Each of these can aid in improving application security by detecting real issues at development-time.

Segment Resources:

https://typescript-eslint.io https://eslint.org https://blog.joshuakgoldberg.com

Outlook can leak NTLM hashes, potential RCE in a chipset for Wi-Fi calling in phones (and autos!?), the design of OpenSSH's sandboxes, more on the direction of OWASP, celebrating 25 years of Curl.

Visit https://www.securityweekly.com/asw for all the latest episodes!

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw233

Twitter Mentions

@secweekly