Loading…
Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 2:30pm - 3:00pm
Automated Finding Correlation where do SAST, DAST and IAST overlap

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Abstract:
Did you ever wonder what is the overlap between different scanning technologies? why should you use few different technologies, and is there a single technology to rule them all?
Well, we did wonder about this exact topic and decided to once and for all find an answer.
We knew that the information included in an IAST finding can be used to uniquely identify issues reported by DAST and SAST. We have built an automated correlation service that goes over vulnerabilities reported by the three technologies and automatically matches findings.
In this session, you will learn about our findings. Did we find a significant overlap? which issue types are more common to be detected by one technology over the other? and is there one technology to rule them all?
You will also learn about the value such correlation brings, whether you are a developer or security expert, and how using more technologies can actually reduce your work and shorten the time for remediation.

Speakers
avatar for Ran Klein

Ran Klein

Product Manager, HCL Technologies
Ran has started his professional journey in the IDF Unit 8200. Since then, he has had the opportunity to act as a developer, product manager, and entrepreneur in cyber and analytics domains. Today Ran is leading AppScan's IAST technology both as a stand-alone AST solution and as a... Read More →
avatar for Eitan Worcel

Eitan Worcel

Head of Product, AppScan, HCL
Eitan has nearly 15 years of experience in Application Security, both as a developer and as a product manager in HCL AppScan's product suite. He has worked with a wide range of customers, assisting them in their quests to build secure web applications. Eitan now leads HCL AppScan’s... Read More →


Friday September 24, 2021 2:30pm - 3:00pm EDT
On-Line