Application Security Part 1: Stop the Bleeding
This session is geared for those who are ready to take the first steps towards securing their applications with minimal cost and effort. Most development teams know that they have not given security the attention it deserves, but also don't know where to begin. Should you run a scanning tool, go to security training, or just bury your head in the sand and pretend everything is OK?
A few simple activities are introduced that will pay big dividends for the security of your applications. One size does NOT fit all, and this session will enable you to spend your time and money where it will make the most difference. Peripheral issues are also addressed, such as obtaining management support and working with your IT security department.
About Dean H. Saxe
Dean H. Saxe is a Managing Consultant at Foundstone, A Division of McAfee, where he is responsible for conducting web application penetration testing, threat modeling, code reviews, secure software development lifecycle (S-SDLC) design and implementation, and project management. Prior to joining Foundstone, Dean spent more than 8 years developing web applications in Java and ColdFusion in a variety of industries. While working in the banking sector, Dean's interest in application security was sparked and has grown steadily over the past five years. Dean also provides client education services as a lead instructor of these Foundstone courses: Building Secure Software, Writing Secure Code: Java/J2EE, and Writing Secure Code: ColdFusion. Dean holds the CISSP and Certified Ethical Hacker designations.
When not working, Dean enjoys hiking, cooking, homebrewing and traveling the world.