Secure Development : 9 Skills that Developers must have

Session

Date: 

Wednesday, October 30, 2013 - 10:30am to 11:30am

Room: 

  • Forum 14

Whether you aim at defending against hackers, fraudsters or State-driven regulation, security and privacy vulnerabilities will appear at three major stages of your web application development project: 1) at design time 2) at implementation time 3) at deployment time. This session will focus on the implementation phase of web application projects and more specifically, on web developers and the skills that should be mastered to reduce the risk of adding new vulnerabilities in the applications they work for: Part 1: Methodology: from web attacks and code weaknesses to skills; Part 2: 9 developer skills for secure development. The talk will be technology-agnostic: the skills covered apply to any web development technology commonly used at the moment. Pre-requisites: some knowledge of major web application vulnerabilities (i. e. OWASP Top 10 or SANS/CWE Top 25)