[Owasp-austin] Protecting Your Applications from Backdoors - 8/30 Austin OWASP Meeting (Please RSVP)

Josh Sokol josh.sokol at ni.com
Thu Aug 18 12:40:16 EDT 2011


Austin OWASPers,

I am please to announce our next OWASP meeting on August 30, 2011 from 
11:30 to 1:00 PM.  In order to prevent us from running out of food at this 
meeting as we did last time, I would like to request that everyone who 
plans on attending RSVP's via the link provided below.  Our new policy 
will be that up until 11:45, the only people who will be allowed to get 
food are the ones on the RSVP list.  I will do my best to order food for 
everyone, but after 11:45 it's fair game and if we run out, we run out. In 
other words, if you plan on coming you should RSVP if you want to ensure 
you get to eat.

RSVP Here -->  http://www.eventbrite.com/event/2064867073

When: August 30, 2011, 11:30am - 1:00pm 
Topic: Protecting Your Applications from Backdoors: How to Secure Your 
Business Critical Applications from Time Bombs, Backdoors & Data 
Exfiltration
With the increasing practice of outsourcing and using 3rd party libraries, 
it is nearly impossible for an enterprise to identify the pedigree and 
security of the software running its business critical applications. As a 
result backdoors and malicious code are increasingly becoming the 
prevalent attack vector used by hackers. Whether you manage internal 
development activities, work with third party developers or are developing 
a COTS application for enterprise, your mandate is clear- safeguard your 
code and make applications security a priority for internal and external 
development teams. 
In this session we will cover: 
Prevalence of backdoors and malicious code in third party attacks 
Definitions and classifications of backdoors and their impact on your 
applications 
Methods to identify, track and remediate these vulnerabilities 
Who: Joe Brady (Veracode) 
Joe Brady is a Senior Solutions Architect at Veracode with over 25 years 
of experience in software application development and security. His 
professional experience includes advising customers on data at rest 
encryption solutions at Credant Technology, IT risk and portfolio 
management at Prosight (now Oracle), and application software development 
as a consultant and software development manager for various companies. 
Joe began programming as a physics undergrad and developed early 
microprocessor based instrumentation at Cornell, where he received a 
Master of Science degree in Applied and Engineering Physics. He has had an 
interest in software security, and backdoors in particular, since reading 
“Reflections on Trusting Trust” by Ken Thompson where he describes 
planting what we now call a backdoor in the UNIX compiler.
Where: National Instruments, 11500 N Mopac, Building C which is the 
tallest building on campus (8 levels). There will be signs posted in the 
lobby to direct you where to go and the receptionists will be able to 
assist you as well. See directions to National Instruments. 
Cost: Always Free

RSVP Here -->  http://www.eventbrite.com/event/2064867073

Also, don't forget about tonight's Austin Security Professionals Happy 
Hour from 5-7 PM at Sherlocks.  See you there!

Sincerely,

Josh Sokol (CISSP, CCNA, GWAS)
Information Security Program Owner
National Instruments
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-austin/attachments/20110818/caaa34c1/attachment.html 


More information about the Owasp-austin mailing list