Presentations
Sean Barnum
2007
Attack Patterns: Knowing Your Enemy in Order to Defeat Them [PDF]
As presented at Blackhat DC 2007.
Michael Cohen
2007
Pragmatic Secure Architecture
Presented at the Washington, DC Regional Chapter meeting of IASA.
Scott Matsumoto
2007
Is Secure AJAX an Oxymoron? [PDF]
As presented at SD West 2007.
Gary McGraw
2007
Software Security: Building Security In [PDF]
Presented on CFI-CIRT Professional Development Day in Toronto, ON, Canada.
2005
Exploiting Software: How to Break Code
2004
Exploiting Software: How to Break Code (2004)
This talk has been given at NCSU and Johns Hopkins.
Exploiting Software: How to Break Code (2004)
Invited Talk at Usenix Security 2004 (San Diego).
Software Security Clue Distribution: Can we teach things like security?
17th Conference on Software Engineering Education and Training (CSEE&T) keynote on education and software security
2003
XP and Software Security?! You gotta be kidding
2002
INET 2002 Wireless Security Tutorial
Internet Security: Issues and Trends
Software Fault Injection2000
Java Security Architecture: Risks and Realities
Why Monitoring Mobile Code is Harder than it Sounds
2001
Attacking Malicious Code: The evolution of attack code and defenses against it
Managing Risks in Complex Systems: Policy enforcement and software security (PPT format)
John Steven
2007
Making Threat Modeling Useful to Software Development [PDF]
As presented at QCon, San Francisco 2007.