The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Cassio Goldschmidt - Symantec

Students: Spring 2025, unless noted otherwise, sessions will be virtual on Zoom.

The Dark Side of Software Engineering and How to Defend Against It

Feb 04, 2009

Download: Video Icon MP4 Video Size: 332.0MB  
Watch on Youtube Watch on YouTube

Abstract

If you create an application that runs on one or more computers
connected to a network such as the internet, your code will be attacked.

Consequences of compromised systems often include loss of trust,
reputation and revenue. Software will always have defects and
vulnerabilities. Strikes against digital assets are unquestionably on
the rise. We can, however, make it substantially harder to find and
exploit vulnerabilities by identifying insecure coding practices and
developing secure alternatives.

During this practical session, we'll examine in detail the principles
behind some of the worst attack patterns seen today in the software
industry. Most importantly, we'll learn effective defense programming
techniques every developer must employ when building software.

About the Speaker

Cassio Goldschmidt is senior manager of the product security team under
the Office of the CTO at Symantec Corporation. In this role he leads
efforts across the company to ensure the secure development of software
products. His responsibilities include managing Symantec's internal
secure software development process, training, threat modeling and
penetration testing. Cassio's background includes over 12 years of
technical and managerial experience in the software industry. During
the six years he has been with Symantec, he has helped to architect,
design and develop several top selling product releases, conducted
numerous security classes, and coordinated various penetration tests.

Cassio represents Symantec on the SAFECode technical committee and
(ISC)2 in the development of the CSSLP certification. He holds a
bachelor degree in computer science from Pontificia Universidade
Catolica do Rio Grande Do Sul, a masters degree in software engineering
from Santa Clara University, and a masters of business administration
from the University of Southern California.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!