A Static Tainting Analysis Method for Aspect-Oriented Programs
Evan H. Dygert at AppSec USA 2017
Many web applications contain security vulnerabilities that enable attackers to access sensitive data or gain control of client computers or the servers on which those applications are running. These vulnerabilities are caused by web applications failing to correctly sanitize input data and to safely format output data. Many tools and techniques have been created to detect and correct these problems in web applications written using widely-used programming languages such as PHP and Java but little has been done to address vulnerabilities in web applications written using aspect-oriented languages such as AspectJ. This presentation will introduce a new method of detecting potential vulnerabilities in aspect-oriented web applications.
Speakers
Evan H. Dygert
President, Dygert Consulting, Inc.
Evan Dygert is a consultant (Dygert Consulting, Inc.) with over 30 years of experience in software development in areas including compilers, databases, finance, insurance, computer networking and security, and software security.
Speakers
Evan H. Dygert
President, Dygert Consulting, Inc.
Evan Dygert is a consultant (Dygert Consulting, Inc.) with over 30 years of experience in software development in areas including compilers, databases, finance, insurance, computer networking and security, and software security.