This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, October 25 • 3:00pm - 3:45pm
I>S+D! - Interactive Application Security Testing (IAST), Beyond SAST/DAST

Sign up or log in to save this to your schedule and see who's attending!

Until recently, SAST/DAST dominated the application security testing market, each with its own pros and cons. We present IAST, a completely new approach - analyzing code execution, memory and data in runtime, allowing for accurate inspection of the application. We will discuss IAST technology (introduced into the 2011 Hype Cycle) compared with DAST/SAST, and the benefits it provides.

The goal of the talk is to examine and discuss technological concepts rather than specific products or solutions, and includes a technical drill-down into the technology specifics. The talk will begin by presenting the standard IAST building blocks and their benefits, and continue by showing advanced IAST data analysis capabilities, which allow for a deeper analysis of the application and its business logic. The presentation will include practical samples (including code!) of how IAST can be used to accurately detect both simple and complicated vulnerabilities, including SQL Injection, Parameter Tampering, Persistent XSS, CSRF, and more…


Ofer Maor

CTO, Quotium
Ofer Maor has over sixteen years of experience in information security, and is a pioneer in the application security field. He has been involved in leading research initiatives, has published numerous papers, appears regularly at leading conferences and is considered a leading authority by his peers. He also currently serves as the Chairman of OWASP Israel and a member of the OWASP Global Membership Committee. In his current role as Founder... Read More →

Thursday October 25, 2012 3:00pm - 3:45pm
Gemalto Room - Hill Country C Hyatt Regency Austin, 208 Barton Springs Road, Austin, TX, 78704

Attendees (24)