Security starts at the coding activity... See he quote:
A proactive approach to more secure code – Microsoft Security Response Center
Quoting:
"Since 2004, the Microsoft Security Response Centre (MSRC) has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Miller discussed in his 2019 presentation at BlueHat IL, the majority of vulnerabilities fixed and with a CVE assigned are caused by developers inadvertently inserting memory corruption bugs into their C and C++ code. As Microsoft increases its code base and uses more Open Source Software in its code, this problem isn’t getting better, it’s getting worse. And Microsoft isn’t the only one exposed to memory corruption bugs—those are just the ones that come to MSRC."
The PDF presentation can be found here:
https://github.com/microsoft/MSRC-Security-Research/raw/master/presentations/2019_02_BlueHatIL/2019_01%20-%20BlueHatIL%20-%20Trends%2C%20challenge%2C%20and%20shifts%20in%20software%20vulnerability%20mitigation.pdf
Well, as the title states we'll be addressing software development topics (mainly in English). Topics will be quick and short and most probably aligned with the training "problems", sorry, programs I am involved in. PS. Some links are "internal" (not publicly available): If you are not able to reach it, google will find you a publicly available information source for sure. Happy trails to you.
quinta-feira, 18 de julho de 2019
Security: A proactive approach to more secure code (MSRC, article)
Etiquetas:
201907,
Application Security,
Article,
C,
C++,
Microsoft,
MSRC,
PDF,
Secure Code,
Secure Coding,
Security