Week 2 - Dynamic and Static Analysis
As software progresses in security measures and capabilities, so do the threats and risks to said software being developed. Software vulnerabilities themselves are discovered by attackers who seek to find flaws in the code/development of the software. 2 of the common software vulnerability detection methods that are used are static and dynamic analysis.
Static analysis is a technique that is meant to help identify software defects or security violations that are being carried out by looking through the code without executing the program itself. Meaning, all of the raw development process that went into making the code is reviewed. The static analysis itself is done by using tools that help developers look into the code itself. Then there is code review, which is manual inspection of the code by humans. Static is an automated process, which means that security staff can quickly go through the source code to look for vulnerabilities
Dynamic Analysis is a method that requires a sandbox environment to execute malware. This sandbox environment creates what would be a real operating system to run the software and provides things like file access, network interface, memory, and various other components. Each request is carefully documented to establish a timeline of behavior that enables us to understand what it does. The appeal of dynamic analysis is that it is usually much faster and doesn't require as much expertise. It also helps in cases where code is much more complicated when its harder to interpret.
Comments
Post a Comment