Posted by: Adrienne Hall, General Manager, Trustworthy Computing

If you follow this blog regularly, you know that security development policies, tools and practices are at the heart of what Trustworthy Computing does. From my first ever post, to Tim Rains’ recent Cloud Fundamentals video with Steve Lipner, you can see that creating, refining and sharing best practices for how to write code with a goal of reducing the number and severity of vulnerabilities is an ever-present driver for us.

Given how important security development is to our efforts, you can imagine our excitement for the inaugural Security Development Conference taking place May 15-16 in Washington D.C. This is just around the corner and promises to be a fantastic event. 

While we previewed the conference a few months ago, I want to be sure you have updated information and an outline as to what attendees can expect.

First and foremost, the Security Development Conference will feature several industry luminaries in keynote roles:

  • Richard Clarke, Chairman, Good Harbor Consulting, LLC and Former Special Advisor to the President for Cyber Security
  • General Michael Hayden, Principal, The Chertoff Group and Former Director of the Central Intelligence Agency and the National Security Agency
  • Scott Charney, Corporate Vice President of Trustworthy Computing at Microsoft

These featured speakers will join a great roster of panelists and session speakers in discussing the central theme of the conference: how to evolve from security development principles to security development practices.

At the conference, attendees can engage with this theme in one of three different tracks:

  1. Security Engineering – writing secure code, fuzz testing, HTML5 and JavaScript, securing cloud applications, etc.;
  2. Security Development Lifecycle (SDL) and Business – building a mature SDL program from scratch, growing a security training program, building and maturing an effective security response team,   applying SDL to critical infrastructure systems, etc.;
  3. Managing the Process – security metrics, risk and compliance, measuring ROI for SDL practices, applying the SDL to mobile security, etc.

Security development is a topic that is important for any security professional to have a firm handle on. If you are involved in or are just interested in learning more about security development, sign up now for the Security Development Conference, May 15-16 in Washington, D.C.!