Vickie Li is the resident developer evangelist at ShiftLeft. She is an experienced web developer with an avid interest in security research. She can be found on https://vickieli.dev, where she blogs about security news, techniques, and her latest bug bounty findings. She also hosts “Security Simplified”, a developer education series focusing on web security: https://www.youtube.com/c/vickielidev.
Developer Evangelist, ShiftLeft
Bug hunting needs to scale in speed and accuracy as agile software development methods take over the world. While existing static analysis tools for code scanning are effective, the ability to customize security scanning to the context of an application is becoming increasingly important given the vast quantity and diversity of modern code. In this lab, we will demonstrate how to use the open-source framework Joern (https://joern.io) to create a custom static code analyzer.