OWASP Toronto - February 2017 Chapter Event

Please join us at our next OWASP Toronto chapter event, where our guest speaker, Paul Kitor from HP Enterprise, will be sharing his thoughts on Secure Programming with Static Analysis.

Speaker: Paul Kitor

Paul Kitor, CISSP is a Senior Solution Architect focused on Fortify technologies within the Enterprise Security Products business unit at HP. In this role, Mr. Kitor acts as the primary technical advisor to develop and position a broad range of Application Security solutions with customers. In his responsibilities, Paul provides technical leadership and technical depth concerning HP Fortify solutions. He works closely with customers and partners in assisting them meet their strategic Application Security initiatives and also provides thought leadership and insight regarding the ever changing global threat landscape. He possesses 20+ years of Information Security experience in the areas of Application Architecture, Java/C/C++ Development, Agile SDLC, and Application Security. Prior to joining HP Canada, Paul worked as a Solution Architect at Oracle, BEA Systems, and Borland Software he also lead Java development teams at Airmiles.ca and Points.com.

Secure Programming with Static Analysis

Developing software securely is a very challenging task. Using a combination of theory, practice and technology gives you the best chance of success. This talk will introduce (for those practitioners among us – review) the theory, practices and technologies that comprise Static Analysis.

• The Software Security Problem

• Static Analysis

• Introduction

• As Part of the Code Review Process

• Internals

• Pervasive Problems

• Handling Input

• Buffer Overflow

• Bride of Buffer Overflow

• Errors and Exceptions