He occasionally participates in CTF competitions, and was a member of BambooFox / TSJ CTF team, participating in DEFCON, HITCON and other international CTF competitions. He is currently working as a Product Developer in Synology's Security Incident Response Team.
In this talk, we will explore the core concepts and goals of Security Code Review and share how Synology systematically detects security issues. We will introduce the technical details of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), including text search, semantic search, code analysis tools and fuzz testing.
We hope that these examples will help the audience to have a more intuitive understanding of the testing techniques, and at the same time enhance the audience's knowledge of code security, so that they can utilize what they have learned to more effectively protect the security of their products and services.
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。