Secure Code Reviews Magic or Art? A Simplified Approach to Secure Code Reviews – Sherif Koussa
Text to Speech Voices
Title: Secure Code Review: Magic or Art? A Simplified Approach to Secure Code Reviews
Abstract
Secure code review is one of the best ways to uncover vulnerabilities and reduce risk of online web applications being breached. However, secure code review has always been challenged as being skill and tools intensive. But what if this could be simplified so developers on your team could perform it? What if this could be achieved with minimal impact on deadlines? This presentation will delve into the science and process behind secure code review and will continue to discuss a simplified approach to secure code review: a simplified process to follow, free tools to use and some of the pitfalls to avoid.
*****
Speaker
Sherif Koussa, Principal Application Security Consultant, Software Secured
Sherif comes from a software development background where he designed, implemented and led software teams for 9 years. | His journey with application security started back in 2006 where he kicked off the OWASP Chapter in Ottawa, followed by leading a major release for WebGoat v5.0 by adding over 12 new lessons. | In addition, Sherif helped SANSGIAC kick off the GSSP-NET and GSSP-JAVA exams. He is also leading the Static Code Analysis Evaluation Criteria (SATEC) project by WASC. | Sherif…
*****
Date: Thursday October 25, 2012 11:00am - 11:45am
Location: AppSecUSA, Austin, TX. Hyatt Regency Hotel. Adobe Room
Likes: 0
Viewed:
source
Gloss