
Paul Boehm (Founding member of TESO Security, Security Consultant, SEC Consult)

Filed under: Main Page — Administrator @ 10:28 am

May 19, 2006

Presentation Title: Taming Bugs: The Art and Science of Writing Secure Code
Presentation Details:

Writing secure code isn’t just about avoiding bugs. If you give a thousand programmers the same task and the same tools, chances are that many of the resulting programs will break on the same input. Programming is as much about people as it is about code and techniques. This talk will look deeper, beyond the common bug classes, and explain why programmers are prone to making certain mistakes. New strategies for taming common bug sources will be presented, among them TypedStrings for dealing with injection bugs (XSS, SQL, etc.) and Path Normalization for dealing with path traversal.

About Paul

Paul Boehm was a founding member of TESO Security in 1998 and has spent a lot of time breaking code. In 2003 he worked on quantum cryptography at the University of Vienna, where he developed and implemented an improved-efficiency QC protocol. His current interest is in vulnerability defense and secure software. He works as a Security Consultant for SEC Consult.



Event Organizer


Hack In The Box (M) Sdn. Bhd.
