TC October 2009

The essential role of incident response in secure software development

Security Workshop - 5th Colaris (Day 1)

Tuesday — October 20th, 2009 09:30

Incident response as we know it has come a long way since its inception in the late 1980s. In today's environment, it is vital that incident response teams are able to rise to increasing demands which range from ensuring regulatory compliance through working with software development teams to help adequately build security in to our business software. In his talk, I will discuss the changing incident response environment and what sorts of technical skill sets it will take for a CSIRT to be able to succeed in the future.

Presenters

  • Kenneth R. van Wyk (KRvW Associates, LLC, US) US

    Kenneth R. van Wyk

    Kenneth R. van Wyk is an internationally recognized information security expert and author of the O’Reilly and Associates books, Incident Response and Secure Coding. In addition to providing consulting and training services through his company, KRvW Associates, LLC, (http://www.KRvW.com), he currently holds numerous positions: Founder and moderator of the “Secure Coding” mailing list, SC-L@SecureCoding.org, Member of the Board of Directors and Steering Committee for non-profit organization, FIRST.org, Inc. (http://www.first.org), monthly columnist for on-line security portal, eSecurityPlanet (http://www.eSecurityPlanet.com), and a Visiting Scientist at Carnegie Mellon University's Software Engineering Institute (http://www.sei.cmu.edu). Ken has 20+ years experience as an IT Security practitioner in the academic, military, and commercial sectors. He has held senior and executive technologist positions at Tekmark, Para-Protect, Science Applications international Corporation (SAIC), in addition to the U.S. Department of Defense and Carnegie Mellon and Lehigh Universities.

    Ken also served a two-year elected position as a member of the Steering Committee, and a one-year elected position as the Chairman of the Steering Committee, for the Forum of Incident Response and Security Teams (FIRST) organization. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds an engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Kenis also a CERT® Certified Computer Security Incident Handler.