Explore a conference talk from AppSecUSA 2014 that delves into dynamic source-sink analysis for Java applications. Learn about a project that originated from a challenge at AppSec EU in Hamburg, demonstrating log manipulation detection on the command line. Discover how this proof-of-concept evolved into a tool aimed at helping developers identify security vulnerabilities through live source-sink analysis. Understand the project's dependency on code coverage and its intended use in non-production environments. Gain insights from Steven van der Baan, a Principal Consultant at 7Safe, as he shares his expertise in security consulting, software architecture, and Java development.
Dynamic Source-Sink Analysis for Java Applications - From the Ground Up