Thursday, July 13, 2006

BlackHat 2006 Presentation Outline

This is the consolidated outline of my BH presentation: Building Security In the Software Development Life Cycle:

· Introductions
· How we define risk
· What is at risk, how we approach it and how we address it
· What are the costs of application security and software security?
· Data from a case study: build the business case with ROSI
· Secure Software Development Life Cycle: How do we get there?
· Secure Software Development Life Cycle: Is People, Process, Technology
· Security-Enhanced Lifecycle Process Models Compared: CLASP, MS SDL, McGraw TP, SEI TSP(SM)
· Security Frameworks: Mapping Activities and Software Security Best Practices
· Business Risks and Technical Risks: Review the business case and commit to it
· Summary: Take away lessons
· Resources: Foundstone Links
· Questions?

Hope to see you at my presentation, August 3rd, 4.45 PM!
