Cassio Goldschmidt - Symantec
Feb 04, 2009
Download: MP4 Video
Watch in your Browser
Watch on YouTube
"The dark side of software engineering and how to defend against it"
If you create an application that runs on one or more computers
connected to a network such as the internet, your code will be attacked.
Consequences of compromised systems often include loss of trust,
reputation and revenue. Software will always have defects and
vulnerabilities. Strikes against digital assets are unquestionably on
the rise. We can, however, make it substantially harder to find and
exploit vulnerabilities by identifying insecure coding practices and
developing secure alternatives.
During this practical session, we'll examine in detail the principles
behind some of the worst attack patterns seen today in the software
industry. Most importantly, we'll learn effective defense programming
techniques every developer must employ when building software.
About the Speaker
Cassio Goldschmidt is senior manager of the product security team under
the Office of the CTO at Symantec Corporation. In this role he leads
efforts across the company to ensure the secure development of software
products. His responsibilities include managing Symantec's internal
secure software development process, training, threat modeling and
penetration testing. Cassio's background includes over 12 years of
technical and managerial experience in the software industry. During
the six years he has been with Symantec, he has helped to architect,
design and develop several top selling product releases, conducted
numerous security classes, and coordinated various penetration tests.
Cassio represents Symantec on the SAFECode technical committee and
(ISC)2 in the development of the CSSLP certification. He holds a
bachelor degree in computer science from Pontificia Universidade
Catolica do Rio Grande Do Sul, a masters degree in software engineering
from Santa Clara University, and a masters of business administration
from the University of Southern California.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...