This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
C/C++ Appsec in 2014
App Security Use Case: PCI Compliance by Jaime D'Anna
When most people hear the term 'Application Security' they often think of web and mobile applications - but the term can apply to an application written in any language or framework on any operating system. A large majority of applications we rely on every day are written in older languages such as C and C++. These languages put developers in control of raw memory and as a result security bugs often have disastrous consequences. While the concept of memory safety is not new, the trends in C/C++ vulnerability research change with time. We will explore some of the newer and more complex bug classes prevalent in applications today and what tools and techniques can be used to find and fix them.
Chris Rohlf is the founder of Leaf Security Research where he specializes in vulnerability discovery and reverse engineering. Chris has over ten years of experience in various security roles including developer, researcher and consultant. Prior to founding Leaf SR he was a Principal Security Consultant at Matasano Security in NYC and has previously worked as a Security Researcher for the US Department of Defense. Chris has discovered and published many security vulnerabilities affecting web browsers, operating systems and more. He has spoken at industry conferences including BlackHat and is the author of numerous open source security tools.
Jaime D'Anna is a Senior Director of Product Marketing at TIBCO Software Inc, charged with the success of the Loglogic product line. With over 15 years of professional experience, Jaime has held roles in Product Marketing, Product Strategy and Pre-Sales Engineering for various ERP, CRM and Internet Applications in companies such as IBM, Oracle, OpenText and Documentum. He holds a BS from Santa Clara University as well as a number of industry and regulatory certifications.
TIBCO Software Inc. (NASDAQ: TIBX) is a provider of infrastructure software for companies to use on-premise or as part of cloud computing environments. TIBCO LogLogic provides organizations with security, compliance and IT optimization through enterprise-class log management and predictive intelligence for big data which enables companies to achieve the two-second advantage® – the ability to capture the right information at the right time and act on it preemptively for a competitive advantage. Learn more at www.tibco.com/loglogic.