We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Application Security: Inside Out • Simon Corlett • GOTO 2023
Explore the power of Interactive Application Security Testing (IAST) to improve vulnerability detection, accuracy, and workflow, with benefits including reduced false positives, enhanced security, and improved productivity for developers.
- Legacy security tools create pain points, such as slow scans and broken feedback loops.
- Interactive Application Security Testing (IAST) approaches the problem from a different perspective by injecting agents inside the app.
- IAST can detect vulnerabilities in real-time and provide accurate findings, unlike DAST tools which often create false positives.
- IAST tools can be used to monitor applications from the inside out, providing a more accurate and comprehensive view of vulnerabilities.
- Using IAST can help shift security left, ensuring that developers can focus on creating high-quality, secure code without compromising their pace.
- IAST tools can also be used to detect and block attacks in production, reducing the risk of vulnerabilities being exploited.
- The accuracy of IAST tools is improved by using sensors inside the app to monitor traffic and flow of data.
- IAST tools can be tailored to specific languages and frameworks, such as Java, .NET, Node, Ruby, Python, Go, PHP, and Kotlin.
- IAST tools can be used to reduce the number of false positives and provide a clearer view of vulnerabilities, allowing developers to focus on fixing real issues.
- Using IAST tools can help improve the flow of work for developers, reducing the time spent on security testing and improving overall productivity.
- IAST tools can be used to monitor and track vulnerabilities in real-time, providing a more accurate view of security issues.
- IAST tools can help improve the accuracy of security tooling, reducing the number of false positives and providing a clearer view of vulnerabilities.
- Using IAST tools can help improve the feedback of security testing, providing developers with a more accurate view of vulnerabilities and allowing them to focus on fixing real issues.
- IAST tools can be used to monitor and track vulnerabilities in real-time, providing a more accurate view of security issues.