Software is the front line of many cyberassaults. Modern tools and techniques can help assure users that deployed software cripples, not enables, cyberassaults. This presentation compares the strengths of static analysis with dynamic analysis.
This presentation also reports outcomes and conclusions of the Static Analysis Tool Exposition (SATE) 2009, which concluded in November 2009. Eight SATE participants ran tools on a test set of computer programs in C and Java. For instance, how do tools perform in detecting Common Weakness Enumeration (CWE) vulnerabilities? Plans for SATE 2010 will be announced.
|
