Secure Coding Practices and Automated Assessment Tools
TimeSunday, November 11th8:30am - 12pm
DescriptionHigh performance computing increasingly involves the development and deployment of network and cloud services to access resources for computation, communication, data, and analytics. Unique to the HPC field is the large amount of software that we develop to drive these services. These services must assure data integrity and availability, while providing access to a global scientific and engineering community.
Securing your network is not enough. Every service that you deploy is a window into your data center from the outside world, and a window that could be exploited by an attacker.
This tutorial is relevant to anyone wanting to learn about minimizing security flaws in the software they develop or manage. We share our experiences gained from performing software vulnerability assessments. You will learn skills critical for software developers and analysts concerned with security.
Software assurance tools – tools that scan the source or binary code of a program to find weaknesses – are the first line of defense in assessing the security of a software project. These tools can catch flaws in a program that affect both the correctness and safety of the code. This tutorial is also relevant to anyone wanting to learn how to use these tools.