This presentation describes the technologies behind advanced static and dynamic vulnerability analysis tools.
A novel approach to finding logical errors using a dynamic and static analysis tool recognizes the assumptions made during development and tries to find a code flow path that invalidates them.
Live demonstrations will show that these new approaches are no longer purely theoretical. In practice, even the best tools won’t make security problems go away. We conclude with a discussion of new ways to ensure that bugs get fixed before it’s too late.