OWASP Pittsburgh Chapter Q1 2016 MeetUp
Details
Topic: Secure Code? What are your libraries hiding, and how do you know?
Abstract: Libraries and Frameworks greatly assist developers to bolster functionality and meet deadlines. However, are these components introducing risk and vulnerabilities? Also, how does an overtasked and deadline driven developer stay up-to-date on the state of these dependencies? Attendees will discover the alarming statistics that security professionals identified regarding the sheer percentages of vulnerable libraries and frameworks. Additionally, participants will acquire information on some great manual scripts and open-source utilities to help automate this process. Since writing all components from scratch is too cumbersome and inefficient, attend this session to acquire the means to ensure the best risk adverse and well maintained libraries are utilized.
Speaker: Kevin Cody
Bio: Kevin Cody is an Application Security Engineer with experience working at several Fortune 500 enterprises. Although his particular expertise is geared toward hacking Web and Mobile applications, he is also very interested in the entire gamut from mainframes to embedded systems. He currently is on the leadership team of OWASP Pittsburgh, and actively encourages engagement of any and all developers that enjoy learning about security.
