52 Application Security with Glenn Leifheit
In this episode, we talk to Glenn Leifheit, a Senior Information Security Consultant (Application Security Program Leader) at FICO in Minneapolis-St. Paul, Minnesota about security – what to think about, where to start, how to approach it and best practices.
We talk about initial areas of concern (input validation, encoding output, whether to trust internal or external data, etc.), how Glenn goes about reviewing application security, threat modeling, static and dynamic analysis, trust boundaries and best practices. Glenn then provides some resources to help you get started.
whois Glenn Leifheit
Glenn Leifheit, CISSP, CSSLP is a Senior Security Architect at FICO. He has worked in developing, managing, architecting and securing large-scale applications for over 15 years. His day is spent rolling out an enterprise secure software development lifecycle and managing PCI requirements as well as secure software reviews. Glenn is active in the technology community as the Co-Chair of the (ISC)2 Application Security Advisory Board, President of TechMasters Twin Cities, an active member of IASA (International Association of Software Architects) and OWASP (Open Web Application Security Project), and a regional speaker evangelizing secure software. Glenn's blog is located at www.glennleifheit.com.
- The Open Web Application Security Project (OWASP)
- OWASP Top 10 Risks (2010)
- Microsoft Security Development Lifecycle (SDLC)
- Writing Secure Code, Second Edition (Microsoft Learning)
- HP Fortify – Software Security Assurance Tools
- Web Application Security Consortium
ThatConference is a brand new conference coming to the Kalahari Resort in the Wisconsin Dells on August 13th, 14th and 15th of 2012. It is a conference founded by developers who want to create the conference they've always wanted to go to, at a price that's easy to justify to your boss. First and foremost, this is a developer's conference: 3 days of any technology and nothing but code. You can find more at ThatConference.com.
WebSite Hosting is provided by Applied Innovations.