While everyone seeks to be on the cutting edge of hacks and bugs, the number of rather basic issues in software security are still usually unresolved. The SBA Security Meetup on January 17, 2019 strives to explain why basic software security measures have the potential to solve a good number of existing threats, why many of them are still not done, and why many of them are a question of the software development process instead of just pure coding. “Software security is about integrating security practices into the way you build software, not integrating security features into your code”, says Gary McGraw, an expert for software security an author of many books and articles in this field. We’ll explore this in this meetup.
18:10 to 18:50: Talk: We Need To Secure The Way We Build Software. In this talk, Thomas will explore what a secure software development lifecycle can look like. What needs to be done in the requirements phase? Why are the design phase and technology decisions so important for security? What is a threat model and when and how should it be done? How can we categorize security bugs, and what can we do about them? How about testing and automation? What are non-tech aspects of a secure development lifecycle?
18:50 to 19:00: Talk Q&A
19:00 to 20:00: Socialize, talk, discuss!
Leute, die in der Softwareentwicklung involviert sind (Entwickler, Tester, DevOps, Teamleads)