I've been meaning to write about this, but I've been a little busy of late.
On day 4 of the PDC (this Friday) we're holding a Security Symposium.
The morning is 100% focused on the Security Development Lifecycle (SDL), including threat modeling (I'll be presenting this material), risk assessement, fuzz testing and much MUCH more. Following the SDL material is a panel discussion MC'd by yours truly (!) the panel will include:
- Steve Lipner, Director Security Eng Strategy, Microsoft
- David Litchfield, Managing Director and Founder, Next Generation Security Software Ltd (NGSSoftware)
- David Palmer, Head of Information Security Risk Management, WestPac
- Greg Elkins, Consulting Systems Engineer, LexisNexis
Oh, we're giving away copies of "19 Deadly Sins of Software Security" to all symposium attendees.
So see you there - please stop by and say 'hi!' and learn a thing or three about improving your software development processes to accomodate better security.
And if you really want, I'll sign your book (it adds $0.34 to the book value, but hey! 😉