David Lindsay leads Coverity's Security efforts as a Senior Product Manager. In this role, David focuses on understanding the security industry market, researching industry trends, and helping to improve Coverity's static analysis capabilities. David is also a co-author of the book Web Application Obfuscation and is a frequent speaker at security conferences including Blackhat, Bluehat, and OWASP AppSec Research. David graduated from the University of Utah with a Masters degree in Mathematics. After this, he spent many years as an application security engineer and consultant specializing in threat modeling, penetration testing, architecture analysis, cryptography, and web application vulnerabilities.
Static analysis is often treated like an ancient form of alchemy when it comes to modern development practices. In reality though, static analysis can be a powerful tool when it is understood and wielded properly. This presentation will demystify the inner workings of a modern static analysis engine, show you the ugly defects you can slay with static analysis, and set you on the path to effectively level up your coding skills.