Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, October 13 • 11:00am - 11:10am
Lightning Talk - LANGSEC 101: Taking the Theory Mainstream

Sign up or log in to save this to your schedule and see who's attending!

LANGSEC has been a promising yet heady topic on the fringes of AppSec for several years, and its ready for a mainstream debut. Heard about LANGSEC but don't know what it is or whether you should use it? Programming languages are getting more powerful and capable, burdening developers and security professionals alike. LANGSEC attempts to solve vulnerability classes that arise from user input unintentionally changing the expected behavior of an application. 

This session provides an easy-to follow introduction to the LANGSEC philosophy, and is geared towards those with no prior experience building parsers or understanding of formal language theory. Attacks that can be addressed with the effective implementation of LANGSEC include:

- Cross-site scripting (XSS) 
- SQL Injection 
- Command Injection 
- Format String 
- Stack Overflow 
- Heap Overflow
- File Inclusion 

Nobody wants these vulnerabilities in their code. This session will begin by pointing out the flaws and limitations of any application security model that is dependent on traditional techniques that rely on signatures, definitions, pattern-matching, regular expressions or taint analysis. Once solely the obscure domain of compiler geeks, Language Security, a.k.a. LANGSEC, is a completely different approach and has gained increasing momentum as a much more thorough, robust way to implement application security.

Speakers
avatar for Kunal Anand

Kunal Anand

Co-founder and CTO, Prevoty
Kunal Anand is the co-founder and CTO of Prevoty, a runtime application security platform. Prior to that, he was the Director of Technology at the BBC Worldwide, overseeing engineering and operations across the company’s global Digital Entertainment and Gaming initiatives. Kunal also has several years of experience leading security, data and engineering at Gravity, MySpace and NASA’s Jet Propulsion Laboratory. His work has been... Read More →


Thursday October 13, 2016 11:00am - 11:10am
Room C

Attendees (36)