PHDays VII Secure Development Section: PDUG Community Meeting Summary

On May 24, a regular event of the Positive Development User Group community took place at the PHDays VII forum. While behind the wall, hackers enthusiastically (and quite successfully) attacked the infrastructure of a fictional city, we talked about how developers can make their applications invulnerable to hacking.

What came of it, look under the cut - there are collected presentations and videos of reports.
')
The eight-hour program of the track includes a master class on Application Security and six reports on various areas of safe development.

Workshop "Slum Application Security"

Vladimir Kochetkov, head of application security research, Positive Technologies, and Denis Kolegov, head of security technology research, Positive Technologies.


First part:


The second part of:


The third part:

Automating the construction of rules for Approof

Denis Efremov, Institute for System Programming of the Russian Academy of Sciences.

ASP.NET Core Attack Prevention Mechanisms

Mikhail Shcherbakov, independent developer and consultant.

Formal verification of C code

Denis Efremov, Institute for System Programming of the Russian Academy of Sciences.

Vulnerable Android application: N proven ways to step on a rake

Nikolay Anisenya and Sergey Toshin, experts of mobile applications security research, Positive Technologies.

Security Requirements in Software Architecture

Kirill Ivanov, architect, Positive Technologies.

From experimental programming to industrial: a 10-year path

Katerina Troshina, leading information security expert, Solar Security.



Thanks to everyone who came to our track! Over the course of the year, we plan to conduct several more thematic meetings and are already actively looking for new speakers and colleagues who are ready to support the popularization of safe development. If you have questions to the organizers or speakers, send them to pdugorg@ptsecurity.com or pdug.org@gmail.com .