ShiftLeft @ RSA
Hunt bugs, detect malware, and win some snacks!
Are you going to the RSA conference coming up on May 17th to 20th? If so, come join us in talks, workshops, and our developer challenge! Here’s what we are up to at RSA and RSA DevOpsConnect.
Bug Hunting Workshop
Look out for a hands-on lab with me and Suchakra, where we will discuss how code can be represented in a graph, which can then be queried interactively to find bugs. We will show you how to use the open-source tool Joern to hunt for vulnerabilities using interactive static analysis: https://www.rsaconference.com/Library/presentation/USA/2021/findings-stranger-things-in-code.
Time: 3:25 PM to 5:00 PM (EDT), May 20th, 2021.
Malware Detection Talk
Chetan Conikee, CTO at ShiftLeft, will be presenting on how to detect malware and insider attacks in your source code. Insider threats are one of today’s most challenging cybersecurity issues. They are also one of the most challenging attack models to deal with in practice and not well addressed by popular security solutions.
In this talk, Chetan will walk through a live forensic code auditing exercise of the Solorigate supply chain insider attack: SUNBURST, SUPERNOVA, and SUNSPOT. He will also discuss malware detection techniques in the early phases of SDLC Software Development Lifecycle.
Time: 6:30 PM to 7:00 PM (EDT), May 20th, 2021.
How to develop with both speed and security?
Finally, Kit Wetzler and Prabhu Subramanian will be presenting on how developing fast and developing securely doesn't have to contradict.
The demand for engineering security into applications and for automating vulnerability discovery increases with our fast-paced development environment today. The ability to statically identify vulnerabilities comprehensively, efficiently, and with few false positives is an important primitive to achieve. In this presentation, Kit and Prabhu will show you how this can be achieved.
Time: 2:45 PM to 3:00 PM (EDT), May 20th, 2021.
Challenge yourself, and win some prizes!
Finally, we will be hosting a booth at the conference (Booth link TBD) on May 19th, where we will be holding a developer security challenge. Stop by our booth to test your skills! Anyone who answers correctly will be entered into a raffle for three SnackMagic boxes!
See you there! Developer-first from the start, ShiftLeft is the code security platform developers love. Powered by our unique Code Property Graph (CPG) technology, the ShiftLeft CORE platform combines static analysis, secrets detection, intelligent SCA, and security education in one easy-to-use solution. Visit us here to find out more:
Thanks for reading! What is the most challenging part of developing secure software for you? I’d love to know. Feel free to connect on Twitter @vickieli7.
ShiftLeft @ RSA was originally published in ShiftLeft Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.
*** This is a Security Bloggers Network syndicated blog from ShiftLeft Blog - Medium authored by Vickie Li. Read the original post at: https://blog.shiftleft.io/shiftleft-rsa-8961f8f85cd2?source=rss----86a4f941c7da---4
