<<< Previous track Next track >>>

 Practical Application Security

Host: Gunnar Peterson

Application security is emerging as a new hot topic to be integrated in the software development life cycle. Compare this to ten years ago: nobody thought that test-driven development would one day be cool. As new security threats evolve, so too must the software's security models. More than ever, with every application being web enabled, developers and architects must focus on building security into the system from the earliest stages of design. Security is a system property that needs to be addressed in all aspects of software development; all the way from architecture and design (how to build security in), collecting business requirements, the role of security in use-cases, model and application design (thinking like an attacker), continuous integration and testing (information assurance). In this track we will take a broad look into application security (also called software security) from the point of view of the software development professional. [architect, designer, developer, tester] There is a tremendous amount of innovation in the security and identity space, we will focus on pragmatic ways to build more secure code using these advances.
Schedule,
Wednesday
 Practical Application Security
08:00 - 09:00 Registration and Breakfast
09:00 - 10:00 Trends in Agile Development
Kent Beck
Location: Metropolitan Ballroom
Password protected Download slides
10:00 - 10:30 Break
10:30 - 10:45 Introduction: Practical Application Security
Gunnar Peterson, Managing Principal
Location: Stanford
10:45 - 11:00 Break
11:00 - 12:00 Secure Programming with Static Analysis
Brian Chess
Location: Stanford
Password protected Download slides
12:00 - 13:00 Lunch
13:00 - 14:00 Making Threat Modeling Useful to Software Development
John Steven
Location: Stanford
Password protected Download slides
14:00 - 14:30 Break
14:30 - 15:30 Establishing Your Organization's Enterprise Security API
Jeff Williams
Location: Stanford
Password protected Download slides
15:30 - 16:00 Break
16:00 - 17:00 Perfect Storm - Stopping New Attacks in a Web 2.0 World
Jeff Williams
Location: Stanford
Password protected Download slides
17:00 - 17:15 Break
17:15 - 18:15 SOA and Web Services Security
Gunnar Peterson, Managing Principal
Location: Stanford
Password protected Download slides
18:15 - 18:30 Break
18:30 - 19:30 50 in 50
Richard Gabriel, Distinguished Engineer
Location: Metropolitan Ballroom
20:00 - 23:00 Google Welcome Party
Speakers: TBA