Seminars & Colloquia
"Software Security: Building Security In "
Friday April 28, 2006 01:15 PM
Location: 313, MRC NCSU Centennial Campus
(Visitor parking instructions)
* Code review using static analysis tools
* Architectural risk analysis and threat modeling
* Penetration testing
* Security testing
* Abuse case development
* Security requirements
Like the yin and the yang, software security requires a careful balance---attack and defense, exploiting and designing, breaking and building---inextricably mixed in a coherent package. Through a unification of proactive design and careful exploit-driven testing built on a foundation of risk management, you can properly address software-induced security risk. The touchpoints can and should be taught in every software course (even those courses that are presumably not about security). Come find out what they should be teaching you, er I mean what you should be teaching them.
Dr. McGraw holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from UVa. He is a member of the IEEE Security and Privacy Task Force, and was recently elected to the IEEE Computer Society Board of Governors. He is the editor of Building Security In for IEEE Security & Privacy magazine, and is often quoted in the press.
Host: Laurie Williams, Computer Science, NCSU