Modern Software Security Development Lifecycle28.06.2017 14:15 - 15:15 Uhr Track: ALM
Modern software development requires design and build of more secure software by addressing security compliance requirements while decreasing development cost. Reducing the opportunities for attackers to exploit a potential weak spot or vulnerability requires analysing the overall attack surface, and includes restricting access to system services. Applying a structured approach to threat scenarios during design helps a team identify security vulnerabilities, determine risks from those threats, and establish appropriate mitigations. This session illustrates the core concepts of the Microsoft Security Development Lifecycle (SDL) and the security activities to perform to claim compliance with the SDL process. Practical applications of tools for understanding your attack surface (Attack Surface Analyzer), finding and addressing system security issues (Threat Modeling Tool), and a simple fuzzer designed to test for potential denial of service vulnerabilities (MiniFuzz).
- Florian Bender
- Tel.: +49 (89) 74117-206
- Fax: +49 (89) 74117-448
- E-Mail: email@example.com