"I'm a software developer. What do you mean I'm on the blue team?"

BSides SATX 2016

Presented by: Aaron Poffenberger
Date: Saturday May 21, 2016
Time: 14:00 - 14:55
Location: Moody Room 102
Track: In The Weeds

It's tempting to think as software developers we've done everything possible to secure our product once we've eliminated (or tried to eliminate) buffer overflows, implemented encryption and a dozen other secure-development practices. But is that all there is to developing secure software? In this talk Aaron discusses software development in context of red-team/blue-team exercises. He contends that developers are with few exceptions always members of the blue team and that that role brings with it obligations and opportunities to improve software security.

Aaron Poffenberger

Aaron Poffenberger, CISSP, has more than 18 years experience developing commercial software. Aaron has developed security and auditing software for PentaSafe Security Technologies, NetIQ and now BRS Labs, Inc. Aaron has also worked in the field of web services and streaming media, most recently for The Anime Network where he designed and implemented public-facing APIs for mobile-app access, payment processing and delegated authentication. At BRS Labs Aaron leads development of the AISight API and SDK, server and web UI.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats