I’m doing a Halloween themed Parasoft webinar this Friday on Stopping Software Security Slashers with Static Analysis. As always it’s a free webinar and you can register here.
We like to have fun at these holiday webinars, so we’ll investigate how some security issues are similar to the famous horror movie villains you know and love, like Jason, Freddy, Leatherface, Michael and Norman. I hope to see you there.
Overview
Stagefright, Heartbleed, and other grisly-sounding software defects are scary for good reason: they make applications vulnerable to menacing cyberattackers—no hockey mask or knife-fingered glove required. In the absence of an adequate defect prevention strategy, your application is likely to stumble as malicious (and even not so malicious) hackers bear down on vulnerabilities, potentially crashing the software or exposing sensitive data. If your software is deployed to a medical device, automotive system, or any other safety-critical application, this is only the beginning of the nightmare.
But your application deployment doesn’t have to end in gruesome horror. By implementing quality practices, such as a static analysis, throughout the SDLC, you reduce the potential attack surface cyberattackers can exploit. Moreover, by automating the continuous application of defect prevention technologies, you eliminate the possibility of defects recurring like a chainsaw-wielding maniac that won’t stay down.
In this webinar, we’ll look at why recently publicized defects are so scary and discuss how to take a proactive approach to ensuring the safety, security, and reliability of your applications. We’ll focus on how to leverage standards, such as OWASP, PCI DSS, and CWE, to evolve development policies from static analysis findings so that your application isn’t the next victim.
Resources