Secure Software Development - Secure Software Development Conference
Venue: Exhibition Center "Infoprostvo", 1st Zachatievsky lane, 4
Date: March 5, 2013
Registration: http://careerlab.ru/mssd/
Conference site: http://www.mssdcon.ru
Friends, on March 5th in Moscow Microsoft is holding a second conference dedicated to the approaches to the secure development of mssdcon.ru . The so-called Security Development Lifecycle is becoming increasingly popular among professional developers. Nowadays, when without IT it is impossible to practically step on and take a step, the security of technologies we all use is devoted to more and more attention, materials and even laws and regulations: the law on personal data, the presidential decree on the creation of a state system of detection, warning and eliminate the consequences of computer attacks on information resources of the Russian Federation, etc.
As we all well know, security should be integrated, and its maintenance should be of a process character. So, SDL is only one of the security components of the final system, but it is very important and even, to some extent, special, as it is a contribution from the developer to the security of the future information system functioning on the customer’s side. The main goals of the SDL are to reduce the number and reduce the risk of vulnerabilities. The formulation of goals does not operate with absolute values, since complete elimination of vulnerabilities is, firstly, most likely impossible, and, secondly, not a fact that is economically feasible. Actually, the SDL uses the classic risk-oriented approach, whose main goal is to reduce risks to an acceptable level, and not to spend a huge amount of manpower and resources to eliminate them completely.
')
The materials published on SDL ( http://www.microsoft.com/security/sdl/discover/default.aspx ) describe in detail the processes that ensure development safety, the roles of the specialists involved in these processes and the utilities used in the work. By the way, Microsoft provides a large set of free utilities that can be used at a particular stage of the life cycle of secure development ( http://www.microsoft.com/security/sdl/adopt/tools.aspx ). But, of course, no documents will replace live communication and the opportunity to participate in the discussion of the latest trends, which, of course, include the development of secure mobile or cloud applications. That is why the Russian representative office of Microsoft on a regular basis holds conferences devoted to such an interesting and important topic. This time, one of the invited speakers - the legendary Steve Lipner, who was at the origin of the introduction of SDL into Microsoft, under his leadership, this process grew to the existing version and was used in many companies around the world.
Participation in the conference is free, we are waiting for all who are interested in the topic of secure development!
And finally: the conference sessions will be useful not only to representatives of development companies - companies ordering development will also be able to learn a lot of useful things, including correct formation of requirements for supplier processes to increase the security level of the supplied products.
Date: March 5, 2013
Registration: http://careerlab.ru/mssd/
Conference site: http://www.mssdcon.ru
Friends, on March 5th in Moscow Microsoft is holding a second conference dedicated to the approaches to the secure development of mssdcon.ru . The so-called Security Development Lifecycle is becoming increasingly popular among professional developers. Nowadays, when without IT it is impossible to practically step on and take a step, the security of technologies we all use is devoted to more and more attention, materials and even laws and regulations: the law on personal data, the presidential decree on the creation of a state system of detection, warning and eliminate the consequences of computer attacks on information resources of the Russian Federation, etc.
As we all well know, security should be integrated, and its maintenance should be of a process character. So, SDL is only one of the security components of the final system, but it is very important and even, to some extent, special, as it is a contribution from the developer to the security of the future information system functioning on the customer’s side. The main goals of the SDL are to reduce the number and reduce the risk of vulnerabilities. The formulation of goals does not operate with absolute values, since complete elimination of vulnerabilities is, firstly, most likely impossible, and, secondly, not a fact that is economically feasible. Actually, the SDL uses the classic risk-oriented approach, whose main goal is to reduce risks to an acceptable level, and not to spend a huge amount of manpower and resources to eliminate them completely.
')
The materials published on SDL ( http://www.microsoft.com/security/sdl/discover/default.aspx ) describe in detail the processes that ensure development safety, the roles of the specialists involved in these processes and the utilities used in the work. By the way, Microsoft provides a large set of free utilities that can be used at a particular stage of the life cycle of secure development ( http://www.microsoft.com/security/sdl/adopt/tools.aspx ). But, of course, no documents will replace live communication and the opportunity to participate in the discussion of the latest trends, which, of course, include the development of secure mobile or cloud applications. That is why the Russian representative office of Microsoft on a regular basis holds conferences devoted to such an interesting and important topic. This time, one of the invited speakers - the legendary Steve Lipner, who was at the origin of the introduction of SDL into Microsoft, under his leadership, this process grew to the existing version and was used in many companies around the world.
Participation in the conference is free, we are waiting for all who are interested in the topic of secure development!
And finally: the conference sessions will be useful not only to representatives of development companies - companies ordering development will also be able to learn a lot of useful things, including correct formation of requirements for supplier processes to increase the security level of the supplied products.
Source: https://habr.com/ru/post/168161/
All Articles