J.D. Meier's Blog

Software Engineering, Project Management, and Effectiveness

Security WebCast - Using Security Code Reviews to Quickly and Effectively Improve the Security of Your Applications

Security WebCast - Using Security Code Reviews to Quickly and Effectively Improve the Security of Your Applications

  • Comments 2

Rudolph Araujo (or Rudy as we call him), from Foundstone, is doing a Web Cast on performing Security Code Reviews, Using Security Code Reviews to Quickly and Effectively Improve the Security of Your Applications .

In his Web Cast, Rudy will accomplish the following:

  • Show you key effective strategies for security code reviews
  • Briefly discuss threat modeling and its benefits
  • Discuss how security code review and threat modeling are critical yet just part of an overall software security engineering process

One of the most important things Rudy will show you is how to use control flow analysis and data flow analysis to analyze application security.  Rudy will also show you how to chunk up your security analysis using security categories such as authentication, authorization, input/data validation ... etc., to perform incremental and iterative analysis.

Rudy has worked closely with our patterns & practices security team over the years so he's intimately familiar with our approaches around security code review approach and Security Engineering (short-cut: http://msdn.com/SecurityEngineering).  In fact, Rudy played a key role during the development of our How To: Perform a Security Code Review for Managed Code (Baseline Activity), where you can see Rudy listed as a contributing author.

Event Information

  • Title: Using Security Code Reviews to Quickly and Effectively Improve the Security of Your Applications 
  • When: May 24th 
  • Time: 11:00 AM - 12:00 PM (Pacific)
  • Event Registration page 
Page 1 of 1 (2 items)