PHDays video




Static Code Analysis in the SSDL Context

Want to visit   +26

Author: Ivan Yolkin

The fast track talk will present successful cases of implementation of Static Analysis Security Tool for QIWI and the difficulties that developers have faced. Whether to use a duct tape or code refactoring? A customer and a developer: what to do when opinions differ? The speaker shares his experience and tells how many lines of code he had to read and write before running the scanner. He will also provide an overview of vulnerabilities that were discovered and missed.

  • Language
  • Russian

An application security expert at QIWI, a web and mobile technologies researcher, and a full-stack developer who prefers to keep the code pure, comprehensible, and secure.

Ivan Yolkin Ivan Yolkin

Back to the list