Think like a Hacker: How to Get ahead of Zero Days.

Presented by

Josh Thorngren, VP Marketing, ForAllSecure, Inc.

About this talk

As engineering teams move faster and faster, we’ve seen application security “shift left” - with testing done earlier and earlier in the development lifecycle. But the way teams test hasn’t changed - we’re still in a land of false positives, vetting applications against known vulnerabilities, and bracing ourselves for emergency patching when the next zero day hits. By thinking like a hacker when testing applications - you can automatically find exploitable vulnerabilities and fix them while your code is still in development -- giving you stronger security while also increasing velocity In this talk, we’ll discuss: The benefits (and limitations) of current approaches to application security Balancing security and development velocity - how to build win/win scenarios Setting realistic targets for application security programs based on known risks Adopting a hacking mindset to help developers increase velocity and security both Using techniques like fuzzing and symbolic execution to ‘hack’ your applications in your own development pipeline
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (10)
Subscribers (1493)
ForAllSecure introduces Mayhem, an advanced fuzz testing solution, that continuously uncovers defects at unprecedented speed, scale, and accuracy.