Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, November 21 • 11:00am - 11:50am
Verify your software for security bugs

Sign up or log in to save this to your schedule and see who's attending!

Video of session:
https://www.youtube.com/watch?v=i8nbESwT2DQ&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=19

Verification is an important phase of developing secure software that is not always addressed in depth that includes dynamic analysis and fuzzing testing. This step allows checking that security has been built in the implementation phase: secure coding and using compilers mitigations correctly.
This presentation will cover the current state of verification technologies that developers can use to check the lack of security mitigations (ASLR, DEP, SafeSEH, Stack Guard, PIE, etc.) and vulnerabilities (Missing Code Signing, Insecure API, DLL planting, poor coding, etc.) and how to implement a battery of tests in their organization to verify their products are safe before releasing as required by an Application Assurance process.
A new tool will be presented, BinSecSweeper, that performs security binary analysis, is open source and cross platform (Windows and Linux) and can scan PE & ELF file formats for x86-64 that can be used by developers to check their software includes security mitigations and is compliance with Application Assurance best practices or by IT pros to identify insecure applications in their networks. This technology was sponsored by DARPA Cyber Fast Track (CFT).
If you develop software or work in AppSec this is your talk!

Speakers
avatar for Simon Roses Femerling

Simon Roses Femerling

Simon Roses holds a B.S. from Suffolk University (Boston), Postgraduate in E-Commerce from Harvard University (Boston) and Executive MBA from IE Business School (IE, Madrid). Frequent speaker at security industry events including BLACK HAT, RSA, OWASP, SOURCE. DeepSec and Microsoft Security Technets.


Thursday November 21, 2013 11:00am - 11:50am
Salon 1 (5th Floor Ballroom) NY Marriott Marquis