This presentation was recorded at YOW! 2018. #GOTOcon #YOW
yowcon.com
Gary McGraw - Vice President at Security Technology Synopsys ‪@garymcgraw9181‬
RESOURCES
www.garymcgraw.com
ABSTRACT
Software security defects come in two categories: bugs in the implementation and flaws in the design. In the commercial marketplace, much more attention has been paid to finding and fixing bugs than has been paid to finding and fixing flaws.
That is because automatically identifying bugs is a much easier problem than identifying design flaws. The IEEE Center for Secure Design was founded to address this issue head on.
My presentation will cover the IEEE CSD’s first deliverable by introducing and discussing how to avoid the top ten software security flaws. The content was developed in concert with Twitter, Google, Cigital, HP, Sadosky Foundation of Argentina, George Washington University, Intel/McAfee, RSA, University of Washington, EMC, Harvard University, and Athens University of Economics and Business.
During the talk, I will introduce and discuss how to avoid the top ten software security design flaws. It’s important, of course, to know that these flaws account for half of the defects commonly encountered in software security. But more important still is learning how to avoid these problems when designing a new system or revisiting an existing system.
RECOMMENDED BOOKS
John Viega & Gary McGraw • Building Secure Software • amzn.to/3VueY38
Gary McGraw • Software Security • amzn.to/3VQF6qp
Greg Hoglund & Gary McGraw • Exploiting Software • amzn.to/4bikdZK
/ gotocon
/ goto-
/ gotoconferences
#Security #OWASP #CyberSecurity #SecuirtyFlaws #SoftwareSecurity #ExploitingSoftware #Programming #SoftwareEngineering #GaryMcGraw #YOWcon
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at gotopia.tech
Sign up for updates and specials at gotopia.tech/newsletter
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
kzread.info...