Practical Application Security
Host: Gunnar Peterson
Application security is emerging as a new hot topic to be integrated in the software development life cycle. Compare this to ten years ago: nobody thought that test-driven development would one day be cool. As new security threats evolve, so too must the software's security models. More than ever, with every application being web enabled, developers and architects must focus on building security into the system from the earliest stages of design. Security is a system property that needs to be addressed in all aspects of software development; all the way from architecture and design (how to build security in), collecting business requirements, the role of security in use-cases, model and application design (thinking like an attacker), continuous integration and testing (information assurance). In this track we will take a broad look into application security (also called software security) from the point of view of the software development professional. [architect, designer, developer, tester] There is a tremendous amount of innovation in the security and identity space, we will focus on pragmatic ways to build more secure code using these advances.