Brian Caswell is currently employed as a Principal Research Engineer within the Vulnerability Research Team at Sourcefire, where he is the primary author of the intrusion detection rulesets for Snort, an open source network intrusion prevention and detection system (IDS/IPS), and the de facto standard for IPS.  His credits include working on and contributing to several books on intrusion detection, a Honeynet Project alumni, and Metasploit contributor.  He is also a member of the Shmoo group, an international not-for-profit, non-milindustrial independent private think tank. Before Sourcefire,
Brian was the IDS team leader and all around "supergeek" for MITRE, a government sponsored think tank.

Topic:

With the increasing frequency and complexity of application-level attacks, combined with regulatory requirements for secure application development, todayís development organizations must focus on building security into the software development lifecycle. This talk will encompass techniques for writing secure multi-platform, multi-language code. It will address common mistakes in coding that arise from programmatic misconceptions. It will also bring to light easy-to-use paradigms that can be applied to all programming languages. Various methodologies will be explored for code auditing to provide a basis for security code auditing.