Unlocking Open Source Security: Efficient Vulnerability Detection with CodeQL
2024-09-28, Murray-Fitzroy

Unlock your capabilities in open source security research by leveraging CodeQL for vulnerability discovery. This 1-day training session will explore CodeQL as a powerful Static Application Security Testing (SAST) tool, guiding you through the development of custom queries to identify known vulnerable code patterns in software.

Learn to maximize your security research efficiency with Variant Analysis Campaigns on GitHub, enabling you to scan multiple code repositories simultaneously with your custom rulesets, all for free on open-source software. Gain insights on refining your queries and conducting differential analysis to uncover previously undetected vulnerabilities.

Attendees will leave this session equipped with practical skills to enhance their security research using CodeQL, transforming how they detect and address vulnerabilities in open-source software.

Josh Brown is a Senior Security Engineer at Microsoft with a robust background in Application Security, Penetration Testing, and Static Analysis. Holding the OSCP and OSWE certifications, Josh has fortified the security of major organizations, working under ANZ, Australia Post, EY, and Microsoft.