Name
How to Build a Blueprint for Secure Software
Date & Time
Tuesday, July 12, 2022, 1:25 PM - 1:50 PM
Description

Application developers are increasingly taking the “DevSecOps” ethos to heart. They are realizing that security is not just something that gets bolted onto apps or around networks. Instead, security needs to be built into the applications that they create. While many have turned to SAST solutions to identify vulnerabilities such as Log4Shell in Log4J, others rightfully wonder how to protect the code that they write themselves; code that – by definition – contains working examples of how to penetrate the security perimeter that their InfoSec colleagues have put in place.

In this session, you will learn:

  • How threat actors reverse engineer applications
  • How a “Protection Blueprint” secures applications
  • What unobfuscated and disassembled machine code looks like to a threat actor
  • How obfuscated machine code makes the threat actor’s job more difficult
  • What anti-tamper measures do to prevent reverse engineering of applications
Dan Shugrue Cole Herzog