
Evgenii Kotelnikov
Senior software engineer, Snyk
Amsterdam, The Netherlands
Evgenii is a seasoned software engineer and computer scientist specialising in static analysis, formal verification and functional programming. In his role at Snyk he builds engines for static application security testing and software composition analysis.
Static program analysis for software security
The goal of security testing is to discover vulnerabilities in software, as well as to estimate risks and offer remediation. Security experts strive to “shift left”: set up security testing as early in the development cycle as possible. Find a critical vulnerability in the application during the build stage and stop it from being released? Great! Find a vulnerability introduced by a pull request and stop it from being merged in the first place? Even better!

Static program analysis techniques offer fast and precise solutions for security testing. They are unburdened by heavy runtimes and finicky environment setups, which makes shifting left practical. Static Application Security Testing (SAST) involves scanning the source code of the application in search of vulnerabilities such as SQL injection, Cross-Site Scripting, and others. Software Composition Analysis (SCA) involves scanning the build setup of the application in search of known vulnerable third-party dependencies. These and other types of security testing are provided by platforms like Snyk (https://snyk.io). In this talk we look at how Snyk implements them using static program analysis.
Guest lecture at Utrecht University for a class of computer science students. Slides: https://docs.google.com/presentation/d/1OCiVSozma5U3OVtbqN20oXvYhf94uRFrZHy2E6QpLI4/edit?usp=sharing