PDUG Meetup: disassembling WAFs on cogs, climbing into binaries with bare hands, assembling the development environment infrastructure

PDUG Meetup: J'adore hardcore - the final community meeting of the Positive Development User Group this year, dedicated to safe development, will take place on December 20 in Digital October.

At the previous mitap, we talked a lot about the fundamental aspects of the implementation of the Security Development Lifecycle, dealt with organizational issues and management challenges. This time it is planned to leave theory to the maximum and focus on hardcore: we invite everyone who is not indifferent to safe development, break away from the usual working projects and delve right into the code together with colleagues.

Topics and experts are selected very different, so that everyone will find a report on their interests, will be able to learn something new or, on the contrary, teach something to everyone else.
')
Preliminary program mitap:

Introductory report
Andrey Ivanov, Microsoft Information Security Expert

"Who said waf?"
Denis Kolegov, Positive Technologies Protection Technology Research Team Leader

Development of protection mechanisms for application-level firewalls (application firewalls, AF) is one of the most difficult, but at the same time the most interesting computer security problems. Its complexity is determined primarily by the black box model, within which, as a rule, classic AFs function.

In the report, we will look at the main methods and algorithms underlying the existing protection mechanisms for web application-level screens (web application firewalls, WAF), discuss the classic computer security problems that WAF developers have to solve, and also talk about the ideas of promising protection mechanisms in WAF .

"Technologies for analyzing binary code applications: requirements, problems, existing tools"
Konstantin Panarin, Specialist, Development Department, Low-Level Applications Analyzer, Positive Technologies

Analysis of a binary code is necessary in a number of situations: in the analysis of malicious code when the source code is missing; during the search for undeclared capabilities in commercial software that comes without source codes, including through certification tests, etc. The purpose of analyzing a binary code is to obtain information about the features of the implementation of algorithms, recognition of algorithms, recovery of data exchange protocols and data formats analyzed programs.

The report will be a detailed introduction to the methods of binary analysis: differences from program analysis using source codes will be described, the main problems encountered in the analysis process will be described, and a review of modern binary code analyzers will be given.

“A flexible and secure infrastructure for a development environment based on Microsoft and 5nine technologies”
Yury Brazhnikov, CEO, 5nine Software Inc. across Russia and the CIS

What is well designed should be well protected. During the report, it is planned to consider the process of building the IB infrastructure for developers, the design features of the virtual infrastructure, as well as the creation of a simple and convenient self-service portal.

Question and answer session, discussion
Participation is traditionally free, but the number of seats is limited, so you need to register.