Wednesday, June 5, 2013 - 3:45pm - 5:00pm

Hybrid Security Analysis: Bridging the Gap between Inside-Out and Outside-In

With the rising adoption of the cloud and the mobile revolution, software security is more important and complex than ever. The efforts of developers and testers are frequently disconnected, wasting time and reducing effectiveness. Arthur Hicken describes how hybrid security analysis bridges the gap between static analysis and penetration testing by detecting security vulnerabilities with unprecedented accuracy—and few false positives. Testers receive an instant assessment of where security attacks actually penetrated the application. Unlike traditional penetration testing, this pinpoints where attacks really succeeded—not just areas that may be vulnerable to attack. Hybrid analysis involves running penetration attack scenarios against existing functional test scenarios, monitoring the back-end to determine whether security is actually compromised, and correlating source code with the failed tests so you can trace each error to a particular requirement. Learn the drawbacks of static analysis and penetration testing—and how to turn these drawbacks into strengths.

Arthur Hicken, Parasoft

Arthur Hicken has been involved in automating various practices at Parasoft for more than twenty years. He has worked on projects including database development, the software development lifecycle, web publishing and monitoring, and integration with legacy systems. Arthur has worked with IT departments in companies including Cisco, Vanguard, and Motorola to help improve their software development practices. He has developed and conducted numerous technical training courses at Parasoft.
