Visible to the public How to find and fix software vulnerabilities with coverity static analysis

TitleHow to find and fix software vulnerabilities with coverity static analysis
Publication TypeConference Paper
Year of Publication2016
AuthorsBaloglu, B.
Conference Name2016 IEEE Cybersecurity Development (SecDev)
Keywordscomposability, computer security, Conferences, Cross Site Scripting, Human Behavior, IEEE 802.11 Standard, pubcrawl, Real-time Systems, Resiliency, Software, Virtual machining
AbstractSummary form only given, as follows. The complete presentation was not made available for publication as part of the conference proceedings. This hands-on workshop will combine minimal instruction with strong hands-on emphasis on practical lab exercises for attendees to practice the topics covered - the expected duration will be 90 minutes. The hands-on labs will give attendees the opportunity to run real-time Coverity analysis on a number of given codebases, to find vulnerabilities in both (a) and (b) categories (buffer overruns, cross-site scripting XSS, SQL Injections etc. with actionable advice on approaches and options to eliminate them The workshop attendees will be given access to their own dedicated virtual machines in our cloud-based lab platform. The VMs will be pre-configured with all the necessary software and sample codebases. Participant should bring their laptops with Wi-Fi network card, and a contemporary browser, such as Chrome, IE, FF, Safari or similar with HTML5 support, which they should run to validate compliance with our pre-check test. At the session start, attendees will be provided with access codes to remotely connect to their virtual lab machines using the Wi-Fi connectivity provided by the IEEE Sec Dev 2016 Conference.
Citation Keybaloglu_how_2016