Saturday, February 7 • 09:50 - 10:30
Security Development Lifecycle in Open Source

The original Security Development Lifecycle (SDL) was developed in a closed-source environment for software companies. Open Source development challenges many assumptions of the SDL, which is, as such, unsuitable in many use cases.

This presentation will talk about security in Open Source development throughout the whole lifecycle, focusing on:
* security training materials and their availability to Open Source developers
* specifics of auditing and effectiveness of various forms and approaches (formal audit, hackathons, fuzzing, security testing)
* vulnerability research and development of mitigations and countermeasures

http://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html
http://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Secure_Ruby_Development_Guide/index.html
https://securityblog.redhat.com/tag/cwe/

Speakers
Ján Rusnačko

Software Engineer, Red Hat
Jan works in the Product Security team at Red Hat, focusing on proactive security.


Saturday February 7, 2015 09:50 - 10:30
D105
