Secure Code the Cyber Pandemic Vaccine - Wayne Burke
-
Upload
ec-council -
Category
Technology
-
view
278 -
download
0
Transcript of Secure Code the Cyber Pandemic Vaccine - Wayne Burke
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
Wayne Pruitt CEI, CEH, ECSA, CHFI, CIH, CSP .Net, CSP Java,
EDRP, MCDBA, MCAD, MCSD, Security +
Owner of
Hardbit Solutions
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
BSCSE COMPUTER SYSTEMS ENGINEERING Fall 2015 Year One
CSEE 2200 Intro to Computer Systems Engr. I CSCI 1301 Intro to Computing & Programming
CSCI 1302 Software Development CSEE 2210 Intro to Computer Systems Engr. II
Year Two
CSEE 2220 Fundamentals of Logic Design CSEE 2920 CSEE Design Methodology
CSCI 1730 Systems Programming CSCI 2720 Data Structures
Year Three
CSEE 4280 Advanced Digital Design CSEE 4230 Embedded Systems Design CSEE 4270 Design of Digital Systems
CSEE Track Elective
Year Four CSEE 4920 CSEE Capstone Design Project
CSEE Track Elective CSEE Track Elective CSEE Track Elective
Secure Code the Cyber Pandemic Vaccine
BSCSE Electives Computer Hardware Systems
CSCI 4150 Numerical Simulations in Science & Engineering CSCI 4370 Database Management
CSCI 4730 Operating Systems CSCI 4740 Real-Time Scheduling CSCI 4760 Computer Networks
CSEE 4210 Digital Signal Processing CSEE 4240 Sensor Networks
ENGR 4260 Intro to Nano-electronics Mechatronics
CSEE 4320 Mechatronics CSCI 4150 Numerical Simulations in Science & Engineering
CSCI 4530 Intro to Robotics CSCI 4830 Virtual Reality
CSEE 4310 Embedded Robotics CSEE 4530 Intro to Optical Engineering ENGR 4220 Feedback Control Systems
ENGR 4270 Electronics II ENGR 4540 Applied Machine Vision
Biological Systems CSCI 4150 Numerical Simulations in Science & Engineering
CSCI 4490 Algorithms for Computational Biology CSEE 4630 Instrumentation for Monitoring Biological Systems
ENGG 4620 Biomedical Imaging ENGR 4220 Feedback Control Systems
MATH 4780 Mathematical Biology
Secure Code the Cyber Pandemic Vaccine
C++ Unit 1: Introduction and Setup Unit 2: Dealing with Data and Compound Types Unit 3: Object-Oriented Programming Unit 4: Advanced Concepts Unit 5: Memory Management and Testing Unit 6: Useful Examples and C++ Glossary
Web Development
Unit 1: The Internet and Web Protocols Unit 2: Client Server Architecture Unit 3: Web Software Unit 4: Hyptertext Markup Language (HTML) Unit 5: JavaScript, Ajax, and Java Server Pages (JSP) Unit 6: Web Security and Encryption
CS101 Unit 1: Introduction Unit 2: Object-Oriented Programming Unit 3: Java Fundamentals Unit 4: Relational and Logical Operators in Java Unit 5: Control Structures Unit 6: User-Defined Methods Unit 7: Arrays Unit 8: Java I/O and Exception Handling
CS102
Unit 1: C++ and Java Unit 2: The Building Blocks of Object-Oriented Programming Unit 3: C++ Standard Template Library Unit 4: Exceptions Unit 5: Recursion Unit 6: Searching and Sorting Unit 7: Template Programming
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
Security - An Afterthought in the SDLC
Secure Code the Cyber Pandemic Vaccine
Security Development Lifecycle
Secure Code the Cyber Pandemic Vaccine
TRAINING
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
Secure Code the Cyber Pandemic Vaccine
• Input Validation • Output Encoding • Authentication and Password Management • Session Management • Access Control • Cryptographic Practices • Error Handling and Logging • Data Protection • Communication Security • System Configuration • Database Security • File Management • Memory Management
Secure Code the Cyber Pandemic Vaccine
• Input Validation
Do Not Trust Any Input!!!
Secure Code the Cyber Pandemic Vaccine
• Output Encoding
Sanitize Data to Other Systems!!!
Secure Code the Cyber Pandemic Vaccine
• Authentication and Password Management
Make Sure the Person or System that is
Asking, is who they say they are!!!
Secure Code the Cyber Pandemic Vaccine
• Session Management
Make Sure it is the Same SESSION!!!
Secure Code the Cyber Pandemic Vaccine
• Access Control
Least Privilege!!!
Secure Code the Cyber Pandemic Vaccine
• Cryptographic Practices
Do Not Write Your Own Crypto!!!
Protect the Keys!!!
Secure Code the Cyber Pandemic Vaccine
• Error Handling and Logging
Do Not Disclose Sensitive Info!!!
Secure Code the Cyber Pandemic Vaccine
• Data Protection
Protect DATA!!! Encryption
ACLs
Secure Code the Cyber Pandemic Vaccine
• Communication Security
Protect the Transmission!!!
TLS
Secure Code the Cyber Pandemic Vaccine
• System Configuration
Protect the System, Not Just the App!!!
Secure Code the Cyber Pandemic Vaccine
• Database Security
See Data Protection & Input Validation!!!
Secure Code the Cyber Pandemic Vaccine
• File Management
Restrict Access!!!
Scan Uploaded Files!!!
Secure Code the Cyber Pandemic Vaccine
• Memory Management
Prevent Buffer Overflows!!!
Clear Memory Often!!!
Secure Code the Cyber Pandemic Vaccine
Keep
It
Simple
Stupid
Secure Code the Cyber Pandemic Vaccine
Conclusion
Secure Code the Cyber Pandemic Vaccine
Questions
Secure Code the Cyber Pandemic Vaccine
Wayne Pruitt [email protected]