GrammaTech VP Dr. Paul Anderson to Present at embedded world 2021 DIGITAL | #conferences2021 | #cybersecurity | #conference


BETHESDA, Md.–(BUSINESS WIRE)–GrammaTech, a leading provider of application security testing products and software research services, today announced that its VP of Engineering Dr. Paul Anderson will present two sessions at embedded world 2021 DIGITAL, the world’s largest conference on embedded technologies and trends.

WHO:

Dr. Paul Anderson, VP of Engineering at GrammaTech, leads product engineering, and is responsible for the company’s full product portfolio. He is an expert in regulatory requirements and best practices for assuring software security and safety. He has served as Principal Investigator for SBIR Phase I and Phase II government research contracts for static analysis of machine code, program understanding and code rewriting. Dr. Anderson is a senior member of the Association for Computing Machinery (ACM).

 

 

WHAT:

 

“Finding the Serious Bugs that Matter with Advanced Static Analysis”

Wed, March 3, 2021 @ 4:15 PM

 

 

 

Embedded software that guides vehicle intelligence systems, ADAS, space exploration and guided missiles must be free from safety defects and security vulnerabilities. In this session, Dr. Anderson will explain why conventional static analysis tools being used to ensure compliance with coding standards such as MISRA, OWASP and CERT are unable to detect serious defects. He will discuss the need for a binary analysis that can extract deep, semantic meaning for finding hidden defects and vulnerabilities, and present real-world examples of bugs this approach can detect in production code that has passed style checking, manual review, and testing.

 

 

 

“Finding N-day Security Vulnerabilities in Third-party Software”

Fri., March 5, 2021 @ 2:30 PM

 

 

Developers are increasingly turning to commercial off-the-shelf (COTS) components to reduce cost and time to market for new applications and services. This third party code can introduce n-day vulnerabilities (for which a fix is available but hasn’t been applied) into applications, as happened with the Apache Struts vulnerability and the Equifax breach. It is difficult to detect since source code is often unavailable for testing. In this session, Dr. Anderson will explain how new Software Composition Analysis tools can identify n-days in binary components. He’ll take it under the hood to discuss how SCA uses sets of identification algorithms and machine learning to produce a software bill of materials (SBOM) and cross-check components against vulnerability databases to assess risk.

 

 

WHEN:

Wed, March 3, 2021 @ 4:15 PM – “Finding the Serious Bugs that Matter with Advanced Static Analysis”

 

 

 

Fri., March 5, 2021 @ 2:30 PM – “Finding N-day Security Vulnerabilities in Third-party Software”

 

 

WHERE:

embedded world 2021 DIGITAL. The embedded world conference is the world’s largest gathering of embedded experts who discuss key trends, new developments and solutions. Due to Covid-19, this year’s event will be entirely digital and will run from March 1-5, 2021.

 

 

HOW:

To register, visit https://www.embedded-world.de/en. To schedule a conversation with Dr. Anderson, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341.

About embedded world 2021 DIGITAL

By experts for experts: The embedded world 2021 DIGITAL is where specialists gather to share knowledge. International exhibitors from around the world will present their products, new developments and solutions on the Internet-of-Things, hardware, software and systems engineering, safety and security, system-on-chip design, embedded vision, human-machine interaction, wired and wireless data transfer and autonomous systems. For more information, visit the conference website at https://www.embedded-world.de/en, and follow on Twitter, LinkedIn, and Facebook. Use hashtags #ew21 and #ew21DIGITAL.

About GrammaTech

GrammaTech is a leading global provider of application testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD with a Research and Development Center in Ithaca NY. Visit us at https://www.grammatech.com/, and follow us on LinkedIn and Twitter.

CodeSonar® is a registered trademark of GrammaTech, Inc.





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

34 + = 42