Static Code Analysis - A Behind-the-scenes Look • Arno Haase • GOTO 2022
This presentation was recorded at GOTO Amsterdam 2022. #GOTOcon #GOTOams
http://gotoams.nl

Arno Haase - Principal Engineer at Contrast Security

ABSTRACT
There is a wide range of tools to analyze program code and provide feedback on it - linters, IDE inspections, scanners to find bugs, check coding style or find vulnerabilities. This session takes a technical look behind the scenes, exploring how these tools work and what challenges they face. Besides being fun to dive into, this may even help understanding the strengths and limitations of specific tools [...]

TIMECODES
00:00 Intro
01:03 File & text utilities
01:48 Challenge: Cross referencing
02:33 Abstract syntax tree
03:47 Which identifier refers to what?
05:33 Explicit support for all language features
06:26 Byte code
07:15 Which is the better choice?
08:35 Tracking flows
10:15 Assignment
11:00 Propagators
12:18 Conditional flows
14:24 Combinatorial explosion
16:08 Merging
16:53 Combinatorial explosion - Revisited
17:34 Merging - Limitations
18:37 Loops
20:15 Impossible to be precise
20:44 Function calls
21:40 Recursion
22:26 Virtual method calls
24:05 Call graph
26:33 Flow sensitivity
27:48 Aliasing
29:57 Framework / Library knowledge
31:58 Identifying unique findings
33:38 Quality of results
34:49 Levels of sophistication
35:58 Summary
37:10 Outro

Download slides and read the full abstract here: https://gotoams.nl/2022/sessions/2016

RECOMMENDED BOOKS
Gerardus Blokdyk • Static Code Analysis Strategy A Complete Guide • https://amzn.to/3pyZZFl
Eric Miller • Static Code Analysis for Security • https://amzn.to/3dNBj9G
William Shotts • The Linux Command Line • https://amzn.to/3kpLbrl
Blum & Bresnahan • Linux Command Line and Shell Scripting Bible • https://amzn.to/3kn4j9s

#Serverless #Security #StaticCodeAnalysis #CodeAnalysis #Programming #Commandline #CommandlineTools #Identifier #ByteCode #FlowSensitivity

Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
Sign up for updates and specials at https://gotopia.tech/newsletter

SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConf...