Description: Abstract:
Heartbleed presents a challenge: how can a catastrophic bug in a widely used software library go unnoticed for two years? This presentation explores how better software testing can expose bugs like Heartbleed.
We’ll begin with a detailed description of the Heartbleed vulnerability and the story of how it was discovered. Then we’ll move on to examine the different types of software testing that are currently available and how these techniques can be used in a secure development life cycle. These include static analysis, dynamic approaches such as fuzzing, and a variety of instrumentation for runtime verification.
Attendees interested in creating robust and secure software will come away with a comprehensive understanding of the techniques that can be used to find and fix bugs before product release.
For More Information please visit:- http://bsidesraleigh.org
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.