SeaJUG is an all-volunteer effort, which means items such as the website and mailing list are updated as schedules afford. We meet on the 3rd Tuesday of every month. We need suggestions/volunteers for topics! If you'd like to donate your time/skills to the cause, contact Nimret Sandhu.
In this session we will look at best practices to avoid introducing security vulnerabilities into your Java application and how to discover those that may have already found their way in. Over several years, studies have shown that 70% of exploitable vulnerabilities occur in application code, so we will discuss how these can be prevented. Of these 70 percent, half are design flaws, so we will also discuss what Secure Development Lifecycle processes should be adopted to avoid these expensive problems.
Eric Raisters, CISSP, CSSLP has been testing software for nearly 3 decades and has worked as a security thought leader at Attachmate (and previously WRQ) for the last 17 of those. For the last two years his title has been Manager, Secure Software Development and so he manages a team of 1 (himself). Over the last three years he has introduced and cajoled the Attachmate development team into adopting a Secure Development Lifecycle process to improve the quality and security of Attachmate products.
Pizza and pop are provided by TekSystems.