3022: Static and dynamic security testing: exploring better together

Document created by tinacostilla on Sep 14, 2012Last modified by tinacostilla on Jul 8, 2014
Version 2Show Document
  • View in full screen mode

3022

Static and dynamic security testing: exploring better together

Speakers: Brian Miller, HP and Jeremy Brooks, HP

In the realm of automated application security testing there are two techniques that dominate: static code analysis and dynamic analysis. Most security organizations gravitate toward one type of technology or the other, but is this ideal? This presentation and accompanying research is focused on answering the following questions: is there value in using both technologies?  When is it appropriate to use one technology or the other?  How do these technologies apply to the various security stakeholders?

 

 

Attachments

Outcomes