Expert: Speakers at Security Conference 2015 | Price: Free | Language: English |

Software security best practices - a video collection

Live presentations from the event Security Conference 2015 in Stockholm. A conference full of technical sessions about security for developers, brought to you by Øredev and TrueSec

Session 1 - Security in Your Code Defines the Future

Speaker: Marcus Murray

Internationally recognized security expert, Marcus Murray, will share his insights in the world of cyber security as today's Keynote.

In this baffling keynote you will not only see a shocking live demo that shows how a vulnerability in your application can compromise an entire IT-environment, but you will also learn about some of the latest and greatest security breaches, trends and how the landscape of cyber threats is changing in a way that concerns developers more than ever before!

Vulnerabilities in code is one of the key reasons why organizations get hacked today. Your ability to write secure code will define the future!

Session 2 - Security in web apps

Speakers: Fabio Viggiani

Did you know that cybercriminals out there can compromise your web applications and servers with nothing more than a web browser and a few publically available tools? 

In this demo-oriented web hacking and secure development session, Fabio Viggiani, leading web-application and pen test expert, will show you how hackers exploit vulnerabilities in web apps today, the possible consequences of a breach, and he will point you towards the right solutions and the proper mindset to prevent cyber attacks.

Session 3 - Secure coding patterns

Speaker: Andreas Hallberg

You’ll learn how to make the concept of “trust” a first class citizen in your code, and know what to look for when reviewing code for security vulnerabilities. 

Secure coding patterns will make your code cleaner, more robust and less likely to cause your application’s user table to be uploaded to Flashback.

Session 4 - Full disclosure – rootpipe in OS X

Speaker: Emil Kvarnhammar

In this session Emil will disclose all details of the rootpipe vulnerability, and explain why it’s different from many other privilege escalation bugs. You’ll see how attackers find vulnerabilities in your code, even if they only have access to binaries. This is a security issue that took more than six months for Apple to patch!.

Session 5 - Where and how do we build our app

Speakers: Emil Kvarnhammar

Many modern application developers make use of third party dependencies and build servers during development before finally signing their applications to be published. How do you know that the third party code is secure and that you are in fact running the code you actually intended to?

Session 6 - Protecting your app data from attackers

Speaker: Sebastian Olsson

Is your app dealing with sensitive or even confidential data?

Your secure app needs to handle many possible attack vectors like network eavesdropping/MiTM, data extraction from backups, storage access through trojans, heap dumps, unauthorised access to server data etc.

This session presents secure practices in app development.

Session 7 - File upload – Inviting the Vampires

Speaker: Stefan Ivarsson

There’s something rotten in the state of file upload. We routinely find vulnerabilities in third-party components and customers’ file upload code. 

In this session we show you the common mistakes, how hackers can bypass seemingly rock-hard file-upload defenses, and how to properly secure your snazzy file upload component.

Have you watched all videos? Develop you skills further on

Some people have to practice new knowledge hands-on, to learn for real. Check out the practical IT security trainings that the speakers offers at LabCenter.

Tags: Development | Öredev | Security | Fabio Viggiani | Stefan Ivarsson | Andreas Hallberg | Web | Apps | Philip Åkesson | Sebastian Olsson | Rootpipe | Protect | Coding | Hacking | Marcus Murray | TrueSec | Software

Qzwds7escchaz6krwsja secconf2015

Speakers at Security Conference 2015

All programs