CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Secure Code Development

Doug Smith - Northrop Grumman

Sep 06, 2017

Size: 153.9MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube

Abstract

Current and recent events make it clear that cybersecurity requires defense in depth. Software development is both an early opportunity to begin the defense, and the source of many commonly exploited security vulnerabilities. Preventing coding errors and eliminating security flaws during development is an effective way to reduce security risks. This presentation promotes awareness among software practitioners of the how and why to do secure code development and software assurance, covering:
· Software Assurance Definitions
· Software Assurance Threat
· Software Assurance Guidance and Regulations
· Secure Coding Activities
· Classic Vulnerability Examples

About the Speaker

Doug Smith is a Technical Fellow and Manager of Engineering for Northrop Grumman Technology Services, providing engineering support to projects and leading the Systems and Modernization Services Division’s engineering staff development programs as well as Agile and DevOps engineering improvement initiatives. Previously, Doug served as a software engineer, systems engineering manager, and program manager. He has more than 25 years of experience in software development.

Doug received a Master of Science in Computer Science from the Naval Postgraduate School and was graduated Magna Cum Laude from Duke University with a Bachelor of Science in Computer Science. He is a veteran of the Marine Corps, a Lean Six Sigma Black Belt, co-author of the John Wiley book, "Practical Support for Lean Six Sigma Software Process Definition", and Subject Matter Expert for the IEEE Computer Society’s “Certified Software Development Associate” (CSDA) Learning System.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.