These days, the whole world runs on software. Things which were previously manual or purely mechanical have been automated. Your fridge may well be smarter than a 1950's era super computer. The cyber age has brought about amazing efficiencies in our everyday lives. Unfortunately, this includes the efficiency with which bad actors can take advantage of you if the software upon which you depend is not secure.
Security is not a feature which can be bolted on as an afterthought. The software development lifecycle must have security considerations built in, including application security testing at all levels. This has become a common practice (though not common enough), with standards and tools available to assist in the production of trustworthy applications.
Alan Dewar will present an overview of vulnerability classifications and enumerations, and the various types of application security testing which can and should be used. Different roles have different needs, and there are tradeoffs to be considered.
Alan Dewar is a staff software engineer at Synopsys, working as part of the Software Integrity Group. He has been focusing on making it easier for you to build trust in software. He is also a long-time CUUG member and director, currently serving as CUUG President.
800 - 6 Ave. S.W.
Plus-15 Conference Room
There is $2 parking available one block north-east of the meeting location, in the underground parkade at McDougall Centre.
Snacks at 17:30. Meeting begins at 18:00.
Attendance is free for CUUG members, or $10 (cash only) at the door for non-CUUG members.
See the main CUUG web page for general information about CUUG.