Secucheck: Building a Configurable Taint Analysis
SecuCheck is a taint analysis built on top of the Soot framework. The tool is designed to assist software developers in detecting security vulnerabilities during development time within the IDE. To enable configurability, the tool provides an internal Java domain-specific language (DSL), called fluentTQL. In this talk, I will share insights from our experience in creating a MagpieBridge instance for SecuCheck. In particular, I will focus on the integration of fluentTQL and the configurability of the analysis through the creation of HTTP pages supported by MagpieBridge.
Tue 7 Jun
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
11:00 - 12:30
Secucheck: Building a Configurable Taint Analysis
Goran Piskachev, Fraunhofer IEM

Experience From Integrating Secucheck-Kotlin Into IDE
Ranjith Krishnamurthy, Fraunhofer IEM