Compuware and Microsoft present: Find Security Vulnerabilities in Your Applications Before Hackers Do - J.net - Site Home

How does a buffer overrun work? What can I do to protect myself from SQL Injection? How do hackers exploit vulnerabilities? Please join Microsoft and Compuware for a comprehensive look at the answers to these questions.

We will provide guidance on how to identify common secure coding issues, and show you how to mitigate the risk from these issues to ensure that your application's security begins in development, and that you're delivering the most secure application possible to your organization and customers.

This is going to be an awesome event ... not only will we show how applications get hacked, but Brian Cooper will demonstrate Compuware's excellent tool for identifying potential vulnerabilities in applications before they go out the door to be attacked by the bad guys!

Seminar Agenda
November 8 and November 17, 2005

1:00 p.m. - 1:30 p.m. Registration

1:30 p.m. - 1:45 p.m. Introductions and Overview

1:45 p.m. - 3:00 p.m. "Common Application Security Vulnerabilities"
J Sawyer
Microsoft Developer Evangelist

3:15 p.m. - 4:00 p.m. "Finding and Fixing Security Problems through Automation"
Brian Cooper
Compuware Subject Matter Expert

4:00 p.m. Refreshments, appetizers and PRIZE drawing for a Dell Jukebox

A recent study notes that 75 percent of all web attacks happen at the application layer. This number is alarming, seeing as though most security solutions are focused on checking and controlling security issues after applications are in production. Little is done to build security into applications from the start, which will reduce cost and improve code quality.
Topics will include overall best practices for writing secure code, identifying and ranking threats to your application and including security into the software development lifecycle. While vulnerabilities we will discuss are not platform-specific, the mitigation techniques discussed and demonstrated will be specific to the .NET Framework and Visual Studio 2005 tools.
In this seminar we will provide guidance on how to identify common secure coding issues, show you how to mitigate the risk from these issues to ensure that your application's security begins in development and that you're delivering the most secure application possible to your organization and customers. You will also learn about common security vulnerabilities within applications and the development techniques to correct them.
Session Topics
Common Application Security Vulnerabilities

Cross-site scripting
SQL Injection
Session hijacking
Parameter tampering

Finding and fixing security issues through automation

Scan code to identify common security mistakes
Simulate attacks on an application to uncover security holes
Analyze run-time data during application execution

Every attendee will receive the book Writing Secure Code by Michael Howard and David C. LeBlanc and will also be entered to win a Dell Jukebox! Register today!

Dates and Locations

Tuesday, November 8
Microsoft Technology Center
9606 N Mopac
Suite 200
Austin, Texas 78759

Thursday, November 17
Microsoft Office
2000 W. Sam Houston Pkwy S.
Suite 350
Houston, Texas 77042