From next week on the Belgian Developer audience team in partnership with MSDN Academic Alliance organizes 7 MSDN Security Evenings. These localized sessions (in Ducth & French) on security will be delivered by two of our Begian Community members Bart De Smet and Grégory Renard.
During these security evenings software developers and software architects will learn how to build safe applications. Typically developers don't want to spend an inordinate amount of time learning about securing their applications. They would rather write the code and the algorithms that solve the problem and ship the product, without having to worry about security. Currently, however, we can't build fire and forget applications. We need to understand the security implications of the decisions we make. With that in mind, the tools we use to build and ship applications can make it much easier to ship secure applications.
Besides covering some of the features of Visual Studio 2005 which can help you build secure and robust applications, the session will also cover some of the most common security problems and challenges software devs and architects face. Most of the tools and enhancements in Visual Studio 2005 require very little extra work and can have a tremendous impact on the overall security of your applications. Security problems like Cross-site scripting (XSS), one-click attacks, SQL Injection and canonicalization issues will be shown. We will also shed a light on the Microsoft security development lifecycle.
Security Development Lifecycle = Process + Education + Accountability
The SDL is a process by which Microsoft develops software, that defines security requirements and milestones. This is a mandatory process for products that are exposed to meaningful security risks. It has shown itself to be highly effective at reducing vulnerabilities in commercial software. The SDL puts Microsoft on path toward more secure software.
More in-depth info on the SDL can be found in the coming Security Development Lifecycle book by Michael Howard and Steve Lipner.
Below is the MSDN Secuirty Evenings calendar:
Faculté Polytechnique de Mons
April 19, 2006
Katholieke Hogeschool Brugge-Oostende
April 26, 2006
Haute Ecole Rennequin Sualem
April 27, 2006
Erasmus Hogeschool Brussel
April 28, 2006
Karel de Grote-Hogeschool Antwerpen
May 2, 2006
Hogeschool West-Vlaanderen - Departement PIH
May 10, 2006
Katholieke Hogeschool Leuven - Rega
May 11, 2006
More info on these MSDN Secuirty Evenings can be found here.