
OWASP Israel 2008 Conference Maty Siman


Application Security - The code analysis way

From a security perspective, the source code plays a major role: most security vulnerabilities can be traced back to their origin in the source code and fixed there.

Still, in the real world, vulnerabilities in the code frequently remain undiscovered, because a full and accurate manual code analysis is difficult to perform: it requires hard-to-find resources and expertise. In this technical presentation we will go through unique source code examples that contain security flaws, and analyze together the vulnerabilities, the techniques that can be used to find them, and the best ways to fix them.


Mr. Siman is a technology expert. He has been active in the IT industry for the past 12 years and has experience in software development, IT security and source-code analysis. Prior to founding Checkmarx, Mr. Siman worked for two years at the Israeli Prime Minister’s Office as a senior IT security expert and project manager. Prior to that he spent six years with the Israel Defense Forces (IDF), where he was elected for the STAR excellence program and taught several consecutive sessions of their prestigious application development course (Mamram). He established and led a development team in the Information Security Center (InfoSec) and completed military academy as an IT Security R&D Officer. He regularly speaks at IT security conferences and has held the highly regarded CISSP certification since 2003.