Seminar - Security Experts Brian Chess and Gunnar Peterson talk about the Evolution of Application Security
Seminar - Security Experts Brian Chess and Gunnar Peterson talk about the Evolution of Application Security
Fortify Software and Arctec Group Invite you to a unique breakfast seminar in which security experts Brian Chess and Gunnar Peterson talk about the fast-paced evolution of application security - new challenges, technologies and strategies. It's not your mother's application security strategy.
Friday, November 2 8:30am - 10:30am
DoubleTree Hotel 1500 Park Place Blvd
St. Louis Park, MN
TOPIC #1
SECURITY: ARCHITECTURE & GOVERNANCE - Gunnar Peterson
As the enterprise is increasingly decentralized, with distributed data, outsourcing, and partner/channel integration - how does Information Security play a meaningful role? The technical platforms reflect this reality, with everyone from open source to Microsoft and IBM embracing SOA, web services, and other distributed architectures. Clearly, the centralized security models of yesteryear do not apply in today's distributed world.
Join them for this talk to explore:
How to govern through policy and runtime enforcement of those policies in today's hyperconnected enterprise.
A pragmatic approach towards information security playing a prescriptive role in design time and deployment policies, and ensuring that these are adhered to at runtime
TOPIC #2
APPLICATION SECURITY USING STATIC ANALYSIS - Brian Chess
Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine tooth comb and uncover the kinds of errors that lead directly to vulnerabilities. This talk frames the software security problem and shows how static analysis is part of the solution.
Highlights include:
The most common security short-cuts and why they lead to security failures
- Why programmers are in the best position to get security right
- Where to look for security problems
- How static analysis helps
- The critical attributes and algorithms that make or break a static analysis tool.
About the Speakers:
Gunnar Peterson is a Managing Principal at Minneapolis based Arctec Group. He is focused on distributed systems security for mission-critical financial, healthcare, manufacturing, and insurance systems, as well as emerging start ups. Mr. Peterson is an internationally recognized software security expert, frequently published, an Associate Editor for IEEE Security & Privacy Journal on Building Security In, an Associate Editor for Information Security Bulletin, a contributor to the SEI and DHS Build Security In portal on software security, and an in-demand speaker at security conferences.
Visit the blog. http://1raindrop.typepad.com/
Brian Chess, Ph.D. is Chief Scientist at Fortify Software He is a founder of Fortify Software, where his work focuses on practical methods for creating secure systems. His book, Secure Programming with Static Analysis, shows how static source code analysis is an indispensable tool for getting security right.Brian holds a Ph.D. in computer engineering from the University of California at Santa Cruz, where he studied the application of static analysis to the problem of finding security relevant defects in source code. Before settling on security, Brian spent a decade in Silicon Valley working
at large companies and small startups. He has done research on a broad set of topics, ranging from integrated circuit design all the way to delivering software as a service.
Visit the blog. http://extra.fortifysoftware.com/blog/
______________________________________________________________________________________________
______________________________________________________________________________________________
Back to Main Page
Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Comments