Do You Speak My Language? Make Static Analysis Engines Understand Each Other
This presentation will introduce a novel but generic framework to exchange taint information between two or more static analysis systems and how that can be used to perform cross-language, cross-repo taint-flow analysis. It will showcase how this has been implemented inside Facebook and used at scale by Facebook’s security team to detect critical security vulnerabilities spanning multiple codebases. During the presentation, we will show examples of the actual vulnerabilities where the data flow crosses from one language to another....
By: Ibrahim Elsayed & Manuel Fahndrich
Full Abstract & Presentation Materials:
#do-you-speak-my-language-make-static-analysis-engines-understand-each-other-22797
1 week ago 00:02:56 1
1 week ago 00:03:48 75
1 week ago 00:02:19 1
2 weeks ago 00:04:07 3
2 weeks ago 00:25:49 1
2 weeks ago 01:04:01 1
2 weeks ago 00:03:23 3
2 weeks ago 00:04:34 1
2 weeks ago 00:06:38 1
2 weeks ago 02:02:00 2
2 weeks ago 00:03:59 1
3 weeks ago 00:01:05 1
3 weeks ago 00:36:24 1
3 weeks ago 00:02:47 4
3 weeks ago 00:03:09 5
3 weeks ago 00:02:46 20
3 weeks ago 00:06:36 1
3 weeks ago 00:04:49 1
4 weeks ago 02:19:02 10
4 weeks ago 00:03:26 2
![Benny Benassi presents The Biz - No Matter What You Do [Official Video]](https://sun9-4.userapi.com/c628729/u895675601/video/l_d3a6d848.jpg)
4 weeks ago 00:03:02 2
4 weeks ago 00:38:45 4
4 weeks ago 00:27:55 1
1 month ago 00:09:41 3
