Free security training for application developers

Campus application developers are invited to a free, half-day seminar Aug. 26 that can help them develop secure software--and consequently spend less time responding to data security breaches and regulatory issues concerning applications and data privacy.

Bryan Sullivan, a Microsoft security program manager, will be the main speaker. He discussed AJAX security at UCCSC2009-Focus on Security at UC Davis, is a frequent presenter at the RSA and Blackhat Technical Security conferences, cowrote "Ajax Security," and was a security solutions development manager and security researcher for SPI Dynamics.

"This is a great training opportunity conducted by a well-known and well-respected security authority," said Bob Ono, UC Davis IT security coordinator.

The seminar meets from 10 a.m. to 3 p.m. in 176 Everson, with time for a no-host lunch from noon to 1 p.m. Registration is limited to the first 125 people.

The schedule includes:

  • Information about the "Security Development Lifecycle," why it's important for developers and security technologists, how it fits in a Microsoft framework and other development environments, how to apply the lifecycle, and what templates and tools are available to assist application developers.
  • Product demonstrations of existing and forthcoming templates and tools.

The seminar will answer these questions:

  • What is the difference between these development security tools and the campus IBM AppScan Web application scanner?
  • How does risk assessment fit within the MS Security Development Lifecycle?
  • What is the relationship between security maturity and security development optimization?
  • Where can I learn more, and how do I get started with the Microsoft Security Development Lifecycle?

Read more about the seminar, or register here.