Secure Software Development - Conference on Secure Software Development
Venue: Exhibition Center "InfoSpace", 1st Zachatievsky Lane, Building 4
Date: March 5, 2013
Registration: http://careerlab.ru/mssd/
Conference site: http://www.mssdcon.ru
Friends, 5- March March in Moscow, Microsoft holds the second conference on approaches to safe development mssdcon.ru. The so-called Security Development Lifecycle is becoming increasingly popular among professional developers. Nowadays, when you can’t practically take a step without IT, more and more attention, materials and even laws and regulations are devoted to the security of the technologies that we all use: the law on personal data, the President’s decree on the creation of a state detection, warning and the elimination of the consequences of computer attacks on the information resources of the Russian Federation, etc.
As we all are well aware, security must be comprehensive, and its provision must be process-based. So SDL is only one of the components of ensuring the security of the end system, but it is very important and even, to some extent, special, as it is a contribution on the part of the developer to the security of the future information system functioning on the customer side. The main goals of the SDL are to reduce and mitigate vulnerabilities. The statement of goals does not operate with absolute values, since the complete disposal of vulnerabilities is, firstly, most likely impossible, and, secondly, not the fact that it is economically feasible. Actually, SDL uses a classic risk-based approach, the main purpose of which is to reduce risks to an acceptable level,
SDL-published materials ( http://www.microsoft.com/security/sdl/discover/default.aspx ) describe in detail the processes that ensure security during development, the roles of specialists involved in these processes, and the utilities used in the work. By the way, Microsoft provides a large set of free utilities that you can use at one stage or another of the safe development life cycle ( http://www.microsoft.com/security/sdl/adopt/tools.aspx) But, of course, no documents can replace live communication and the opportunity to participate in the discussion of the latest trends, which, of course, include the development of secure mobile or cloud applications. That is why the Microsoft Russian representative office regularly holds conferences on such an interesting and important topic. This time, one of the invited speakers was the legendary Steve Lipner, who was at the origins of the implementation of SDL in Microsoft, it was under his leadership that this process grew to the existing version and began to be used in many companies around the world.
Participation in the conference is free, we are waiting for all those who are interested in the topic of safe development!
And finally: the conference sessions will be useful not only for representatives of development companies - companies that order development will also be able to learn a lot of useful things, including the correct formation of requirements for the supplier’s processes to increase the degree of safety of the supplied products.
Date: March 5, 2013
Registration: http://careerlab.ru/mssd/
Conference site: http://www.mssdcon.ru
Friends, 5- March March in Moscow, Microsoft holds the second conference on approaches to safe development mssdcon.ru. The so-called Security Development Lifecycle is becoming increasingly popular among professional developers. Nowadays, when you can’t practically take a step without IT, more and more attention, materials and even laws and regulations are devoted to the security of the technologies that we all use: the law on personal data, the President’s decree on the creation of a state detection, warning and the elimination of the consequences of computer attacks on the information resources of the Russian Federation, etc.
As we all are well aware, security must be comprehensive, and its provision must be process-based. So SDL is only one of the components of ensuring the security of the end system, but it is very important and even, to some extent, special, as it is a contribution on the part of the developer to the security of the future information system functioning on the customer side. The main goals of the SDL are to reduce and mitigate vulnerabilities. The statement of goals does not operate with absolute values, since the complete disposal of vulnerabilities is, firstly, most likely impossible, and, secondly, not the fact that it is economically feasible. Actually, SDL uses a classic risk-based approach, the main purpose of which is to reduce risks to an acceptable level,
SDL-published materials ( http://www.microsoft.com/security/sdl/discover/default.aspx ) describe in detail the processes that ensure security during development, the roles of specialists involved in these processes, and the utilities used in the work. By the way, Microsoft provides a large set of free utilities that you can use at one stage or another of the safe development life cycle ( http://www.microsoft.com/security/sdl/adopt/tools.aspx) But, of course, no documents can replace live communication and the opportunity to participate in the discussion of the latest trends, which, of course, include the development of secure mobile or cloud applications. That is why the Microsoft Russian representative office regularly holds conferences on such an interesting and important topic. This time, one of the invited speakers was the legendary Steve Lipner, who was at the origins of the implementation of SDL in Microsoft, it was under his leadership that this process grew to the existing version and began to be used in many companies around the world.
Participation in the conference is free, we are waiting for all those who are interested in the topic of safe development!
And finally: the conference sessions will be useful not only for representatives of development companies - companies that order development will also be able to learn a lot of useful things, including the correct formation of requirements for the supplier’s processes to increase the degree of safety of the supplied products.