As organizations outsource development to less trustworthy providers malware becomes as much a problem as introduction of honest vulnerability by one's own development shop. Assessment practices currently look for vulnerability within source code and running systems, however these are but a few of the windows of opportunity for malware introduction.
This presentation demonstrates an approach for augmenting an existing security practice with the capability to detect potentially malicious code through secure code review. First, we show how to break malicious intent--often quite subtle--into concrete patterns we can reliably detect. The framework then demonstrates how to build suspicion around reliance of particular patterns' use in concert which, increasingly, imply malicious intent. These techniques will be explained through a demonstration in a real world application.
RSVP using this link: http://maliciouscode-chicagosecuritymeetup.eventbrite.com/