Application Security/Software Assurance


Education Level: Intermediate

5316 - How to Implement the Eight Most Effective Secure Development Practices in Use Today

Tuesday, September 26
3:00 PM - 4:00 PM

SAFECode members will present eight tested, implemented and fundamental software development practices every company should follow to ensure the security of its development process. The presentation is backed by extensive research and analysis of SAFECode members and prominent enterprises with experience in managing the security of acquired software. Key areas of discussion include: secure design principles, secure coding principles, testing recommendations and technology recommendations.

Attendees will leave this presentation with:

  • Tools to help solve many of the challenges of working with software suppliers.
  • Insight into improving a risk assessment process.
  • Detailed outline of an effective security assessment.

    Learning Objectives:

    • Detail specific steps to improve software assessment and assurance practices across an enterprise.
    • Understand the most critical areas of software assurance as employed by leading, mature software security organizations.
    • Participate in an interactive discussion on the most critical practices in today's software assurance environment.
    John Martin

    Program Manager, COTS Software Security

    John Martin, CISSP, CISM, is Boeing’s program manager for commercial software security. His career spans the years between Blue-Box MF generators, through the era of automated hacks and into our modern age of industrialized paranoia. Unlike more statesman-like peers, he suffers the disadvantage of being alive. He is, unfortunately, a frequent speaker on the topic of commercial software security. In his spare time, he designs specialized NSA-proof tin-foil hats designed to keep the implant signals in. John was named by SANS as one of the 10 Difference Makers in Security for 2016.



    Steven B. Lipner

    Executive Director

    Steven B. Lipner, CISSP, is the executive director of SAFECode. Steve is a computer security pioneer with more than 40 years of experience as a researcher, development manager and general manager in IT security. In 2015, he retired from Microsoft, where he was the creator and long-time leader of Microsoft’s Security Development Lifecycle (SDL) team. While at Microsoft, Steve also created initiatives to encourage industry adoption of secure development practices and the SDL, and served as a member and chair of the SAFECode board. Throughout his career, Steve has been a contributor to government and industry efforts to improve cybersecurity. He was one of the founding members of the U.S. Government Information Security and Privacy Advisory Board—serving two terms (a total of more than ten years).

    Steve has been a member of nine National Research Council committees and is named as co-inventor on 12 U.S. patents. He was elected to the ISSA Hall of Fame in 2010 and to the National Cybersecurity Hall of Fame in 2015. In 2017, Steve was elected a member of the National Academy of Engineering for developing and deploying practical methods for engineering secure software and computer systems.



