Application Security/Software Assurance

3316 - Application Security Design Patterns: Pick a Language, Any Language

Wednesday, October 10
1:45 PM - 2:45 PM
Location: Floor 2: Galerie 4

Application developers really want to create secure programs—they just don't know it yet. When we give them the tools and patterns to design and code securely, they get really excited and immediately put those patterns to use.

Before we give developers a long list of vulnerabilities, we must give them the design patterns—in the language they program—to fix those security holes. Better yet, as they learn these patterns, they will build them in to their applications.

We will present numerous AppSec design patterns, case studies of companies who've deployed patterns in production applications, challenges throughout the SDLC and the feelings of contentment as developers get those pesky security folks off their backs.


Learning Objectives:

Joe Friedman

Information Security
ICE - New York Stock Exchange

Joe Friedman is on the information security team at ICE, where he helps developers do security right at the New York Stock Exchange and other exchanges and clearinghouses. He developed code from his first job at a startup, where lunch was taken during reading sessions of Lions' Commentary on UNIX, 6th Edition. He continued at Bell Labs, Merrill Lynch and other financial firms. When he started using the first open-source firewall, he was hooked on security, always with an architecture and application security focus. He moved between finance, pharma at Johnson & Johnson, healthcare and various consulting gigs. He strives to be a programmer's best friend.


Send Email for Joe Friedman


3316 - Application Security Design Patterns: Pick a Language, Any Language



Presentation Slides




Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Application Security Design Patterns: Pick a Language, Any Language