International PHP Conference
The Conference for PHP and Web Development

Automated Detection of Complex Vulnerabilities with Static Code Analysis

Until Conference starts:
✓ 2 in 1 conference package
✓ Group Discount
Register now
Bis Konferenzbeginn:
✓ 2-in-1-Konferenzpaket
✓ Kollegenrabatt
Jetzt anmelden
Thank you for attending
✓ See you in 2023
Danke für Ihre Teilnahme
✓ Wir sehen uns in 2023
Tuesday, October 25 2022
11:45 - 12:45

With the ever-growing threat of data and compliance breaches, the security of web applications and APIs is business critical. The Sonar ecosystem enables developers to Clean Code by automatically detecting code quality and security issues during development. Security issues are typically very complex and detecting them is technically significantly more challenging than the detection of everyday code quality issues. In this talk, we talk about the techniques used behind the scenes to automatically detect such vulnerabilities. In particular, we will present a technology known as symbolic analysis, a sophisticated type of taint analysis that can detect vulnerabilities even in complex and large applications, yet remains reasonably efficient. We will focus on vulnerabilities often found in PHP applications and talk about how to solve some of the challenges encountered in this context.

Take me to the full program of Zum vollständigen Programm von Munich München .

This Session belongs to the Diese Session gehört zum Programm vom MunichMünchen program. Take me to the program of . Hier geht es zum Programm von Berlin Berlin .

This Session Diese Session belongs to the gehört zum Programm von MunichMünchen program. Take me to the current program of . Hier geht es zum aktuellen Programm von Munich München or oder Berlin Berlin .

Stay tuned!

Register for our newsletter

Behind the Tracks of IPC

PHP Core
Best practices & applications

Web Development
Broader web development topics

Quality & Security
More about software quality &

Agile & People
Getting agile right is so important

Software Architecture
All about PHP frameworks, concepts &

DevOps & Deployment
Learn about DevOps and transform your development pipeline

Content Management Systems
Sessions on content management systems

#slideless (pure coding)
See how technology really works

Web Security
All about
web security