Wednesday, April 23, 2014

Date: April 25, 2014

Time: 10:30 a.m. ET - 12:00 p.m. ET

Cost: Complimentary

About the Webcast

Join technical staff from the Software Engineering Institute (SEI) and Codenomicon during a live-streamed panel discussion on the impact of the recently announced Heartbleed OpenSSL vulnerability along with methods to mitigate and even prevent crises like this in the future. Chris Clark, Security Engineer from Codenomicon, one of the cybersecurity organizations that discovered the Heartbleed vulnerability, will join members of SEI's technical staff from the CERT and Software Solutions divisions and from the SEI's Information Technology department. They will be discussing how software vulnerabilities like Heartbleed can be mitigated through the different phases of the secure software lifecycle using techniques available today. They will also discuss how changes to our current software development and management techniques need to be managed to more effectively reduce the effects of incidents like Heartbleed.

About the Panelists

Will Dormann has been a software vulnerability analyst with the CERT Coordination Center (CERT/CC) since 2004. His focus areas include web browser technologies, ActiveX, and fuzzing. Will has discovered thousands of vulnerabilities using a variety of tools and techniques.

Robert Seacord is a senior vulnerability analyst in the CERT® Program

at the Software Engineering Institute (SEI) in Pittsburgh, PA where he leads the Secure Coding Initiative. Robert is the author of The CERT C Secure Coding Standard (Addison-Wesley, 2008/2nd Ed. 2014) and Secure Coding in C and C++(Addison-Wesley, 2002) as well as co-author of two other books. Robert is an adjunct professor at Carnegie Mellon University.

Christopher Clark, a twenty-two year veteran of the Information Technology world, is a Security Engineer at Codenomicon. Chris utilizes his extensive background and experience to help organizations effectively integrate meaningful security practices into their environments.

Brent Kennedy is a member of CERT's Cyber Security Assurance team focusing on penetration testing operations and research. Brent leads an effort that partners with the DHS National Cybersecurity Assessments and Technical Services (NCATS) team to develop and execute a program that offers risk and vulnerability assessments to federal, state, and local entities.

William Nichols joined the Software Engineering Institute (SEI) in 2006 as a senior member of the technical staff and serves as a Personal Software Process (PSP) instructor and Team Software Process (TSP) Mentor Coach with the TSP Initiative within the Software Solutions Division (SSD).

Jason McCormick has been with SEI Information Technology Services since 2004 and is currently the Manager of Network and Infrastructure Engineering. He oversees datacenter, network, storage, and virtualization services and plays a key role in information security policy, practices, and technologies for the SEI.

Timur Snoke is a Member of the Technical Staff with the CERT® Division Network Situational Awareness team.

Robert Floodeen (Moderator) has worked across federal and Department of Defense operations in the United States. He has led teams performing intrusion detection at the Pentagon, Army Research Lab, and for the Defense Research and Engineering Network (DREN). Additionally, he spent several years managing CSIRT operations for the Defense Threat Reduction Agency.

Who Should Attend?

Security Managers and CISOs
CIOs and CTOs
Information Assurance Specialists
System Administrators
Network and IT Managers
Software Developers

Please share with colleagues or interested parties!

No comments:

Post a Comment