Developing a Proof-of-Concept Toolset for Software Vulnerability Analysis Using Hybrid Static and Dynamic Analysis
Deakin University and Monash University
An integrated web application vulnerability scanner to assess code during development as well as execution:
- Signature-driven analysis
- Improving identification of vulnerabilities through correlation of findings
- Identification of root causes for vulnerability resolution
The project will develop a security analysis toolset for software focusing on reducing both false positives and false negatives. The tool will enable IT professionals to conduct advanced security analysis of software on-premise or hosted in the Cloud that has been purchased, developed in-house or outsourced.