Lecture: Secure Application Development

  • Published on
    16-Jun-2015


Transcript

  • 1. kisttan@gmail.com

  • 4. -2005 -795 -796
  • 6. SIEM
  • 7. Aberdeen: 4
  • 8. SDL
  • 9. SDL fuzzing
  • 10. SDL: Requirements, Training, Design, Implementation, Verification, Release, Response. 80% RTM
  • 11. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response. (bug tracking/job assignment system)
  • 12. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response
  • 13. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response. (/analyze (PREfast), FXCop, CAT.NET); API (NX, ASLR HeapTermination); SQL; Standard Annotation Language (SAL)
  • 14. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response. code complete; Fuzz, security push
  • 15. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response. Software Security Incident Response Plan (SSIRP); 24x7x365; 3-5; 3-5; 1-2
  • 16. Design, Implementation, Response; Training, Requirements, Verification, Release
  • 17. SDL: Training, Requirements, Design, Implementation, Verification, Release, Response
  • 18. ?
