Loading…
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
Thursday, January 24 • 1:15pm - 1:50pm
ShiftLeft Ocular: The Google Maps for Auditing Your Code

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Ocular is a code exploration product with powerful code querying capabilities for Java, C#, and C/C++. Similar to the way Google Maps provides an overview of the geography and routes to nearby destinations, Ocular helps navigate your code, understand how data flows from component to component, and ultimately, uncover flaws and security vulnerabilities.

In this webinar, we give an introduction to Ocular's capabilities, showing how it can be used to understand the structure of your code, the way it interfaces with other components, and finally, scan for application-specific vulnerability patterns. These patterns can take into account the context the application runs in, the business logic, and the pitfalls of custom libraries and frameworks. This provides code auditors & reviewers with the ability to tune powerful static analysis primitives to the needs of their code bases, which stands in stark contrast to the ineffective one-size-fits-all offerings that classic static analyzers provide. We will introduce you to the concept of query-based code analysis, show you how to download and install the Ocular trial version, demo its main capabilities, and finally show you how we uncovered previously unknown vulnerabilities in open source components with Ocular.


Speakers
avatar for Dr. Fabian Yamaguchi

Dr. Fabian Yamaguchi

Chief Scientist, ShiftLeft Inc.



Thursday January 24, 2019 1:15pm - 1:50pm
Garden Terrace Room