Charles J. Lord, PE, President & Chief Trainer, Blue Ridge Advanced Design and Automation
In this class, we will teach software developers, testers, and analysts how taint analysis can identify exploitable areas within an application and/or system that could be used as an entry point by a hacker. Using IoT as our example, we will help perform proper taint analysis, evaluating how data modified purposely by a user or system (such as a variable set by a field in a web form or a package of information send across an automotive CAN bus) poses a potential security risk. With the continuing surge in code and data spawned by the IoT’s popularity, this is especially needed to maximize security and maintain an efficient data flow, regardless of whether it’s data within an application or data that’s transferred between applications. Given the enormous increase in application and system connectivity, all software should be analyzed for taint defects. Day 1 sponsored by GrammaTech.