A Graph-Based Approach to Hunting Zero Day Vulnerabilities in DevOps Pipelines

Traditionally, zero-day vulnerabilities are discovered using patterns in code analysis during development or by conducting penetration testing in runtime environments. However, both approaches require heavy manual efforts and are far too slow to be a part of DevOps pipelines. Traditional code analysis methods are inaccurate, and pentesting is constrained by time and testers’ varying skill levels. Hence, most (if not all) releases are pushed to production without comprehensive security checks.

A graph-based approach can help deliver the holy grail of modern AppSec: Accurate and comprehensive security testing that is automated in the DevOps pipeline.

Join ShiftLeft CTO, Chetan Conikee, to learn how to accurately and comprehensively find vulnerabilities at the speed of DevOps.

This webinar will cover:

  • Extracting an application’s Security DNA with The Code Property Graph
  • Querying the Code Property Graph to identify attack surface of application
  • How to hunt zero-day vulnerabilities
  • Automating your policy checks

Presenter of the Webinar

Chetan Conikee