Threat Analysis & Modeling Tool - TAM 3.0
Play Architecture Behind CAT.NET
Description
Ben Livshits, from Microsoft Research, talks about the architecture behind
CAT.NET, which is a static analysis tool on Visual Studio that helps find vulnerabilities like SQL Injection, CSRF, XSS among others, within managed code.
Ben’s knowledge on static and dynamic dataflow analysis made him a key contributor on the creation of CAT.NET. He walks us through different examples of how the data analysis happens depending on complexity and explains how precision varies.
Learn more about
Microsoft Information Security Tools.
www.msinfosec.com
Download
Right click or Alt+Enter to download this episode
- High Quality WMV (124.5 MB)
- MP3 (8.1 MB)
- Low Quality MP4 (74.2 MB)
- Mid Quality WMV (143.8 MB)
- WMV (193.0 B)
More episodes in this series
SQL Detect
Related episodes
Anti-XSS 3.0 Released
Threat Modeling LOB Applications with TAM 3.0
SQL Detect
Threat Analysis & Modeling Tool - TAM 3.0
Technical Preview for CAT.NET 2.0
SDL-LOB Phase 3: Implementation
Security Design Reviews
Anti-XSS Library v3.1: Find, Fix, and Verify Errors
Using the Code Analysis Tool (CAT.NET 2.0) to Identify Security Vulnerabilities
Silverlight 2 Security
