Speaking at BSidesAustin

[Update]

The schedule is up. I'm speaking from 13:30 to 14:30. My talk is called: "I'm a software developer. What do you mean I'm on the blue team?": What we can learn in a red/blue world.

Link

Abstract

It's tempting to think as software developers we've done everything possible to secure our product once we've eliminated (or tried to eliminate) buffer overflows, implemented encryption and a dozen other secure-development practices. But is that all there is to developing secure software?

In this talk Aaron discusses software development in context of red-team/blue-team exercises. He contends that developers are with few exceptions always members of the blue team and that that role brings with it obligations and opportunities to improve software security.