I've been meaning to write about this, but I've been a little busy of late.

On day 4 of the PDC (this Friday) we're holding a Security Symposium.

The morning is 100% focused on the Security Development Lifecycle (SDL), including threat modeling (I'll be presenting this material), risk assessement, fuzz testing and much MUCH more. Following the SDL material is a panel discussion MC'd by yours truly (!) the panel will include:

  • Steve Lipner, Director Security Eng Strategy, Microsoft
  • David Litchfield, Managing Director and Founder, Next Generation Security Software Ltd (NGSSoftware)
  • David Palmer, Head of Information Security Risk Management, WestPac
  • Greg Elkins, Consulting Systems Engineer, LexisNexis

Oh, we're giving away copies of "19 Deadly Sins of Software Security" to all symposium attendees.

So see you there - please stop by and say 'hi!' and learn a thing or three about improving your software development processes to accomodate better security.

And if you really want, I'll sign your book (it adds $0.34 to the book value, but hey! ;)