Cassio Goldschmidt, The Dark Side of Software Engineering and How to Defend Against It
If you create an application that runs on one or more computersconnected to a network such as the internet, your code will be attacked.Consequences of compromised systems often include loss of trust,reputation and revenue. Software will always have defects andvulnerabilities. Strikes against digital assets are unquestionably onthe rise. We can, however, make it substantially harder to find andexploit vulnerabilities by identifying insecure coding practices and developing secure alternatives.During this practical session, we'll examine in detail the principlesbehind some of the worst attack patterns seen today in the softwareindustry. Most importantly, we'll learn effective defense programmingtechniques every developer must employ when building software. About the speaker: Cassio Goldschmidt is senior manager of the product security team underthe Office of the CTO at Symantec Corporation. In this role he leadsefforts across the company to ensure the secure development of softwareproducts. His responsibilities include managing Symantec's internalsecure software development process, training, threat modeling andpenetration testing. Cassio's background includes over 12 years oftechnical and managerial experience in the software industry. Duringthe six years he has been with Symantec, he has helped to architect,design and develop several top selling product releases, conductednumerous security classes, and coordinated various penetration tests.Cassio represents Symantec on the SAFECode technical committee and(ISC)2 in the development of the CSSLP certification. He holds abachelor degree in computer science from Pontificia UniversidadeCatolica do Rio Grande Do Sul, a masters degree in software engineeringfrom Santa Clara University, and a masters of business administrationfrom the University of Southern California.
Create your
podcast in
minutes
It is Free