Washington DC area talk on Exploiting Software

["Gary McGraw" <gem () cigital com>]

FYI.  Hope to see some of you there.

gem

> -----Original Message-----
> From: Landwehr, Carl E. [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, May 05, 2004 8:29 AM
> To: Washington Area Trustworthy Systems Hour
> Subject: May WATSH coming next Tuesday: Gary McGraw, Cigital, 
> on How to Break Code: NSF Stafford I Rm 110
>
>
> WATSHers,
>
> The May WATSH is coming up next Tuesday, May 11. If you keep wondering
> exactly how it is that those viruses and worms get into 
> machines all around
> the world, this is your chance to find out the details.  Gary 
> McGraw of
> Cigital will discuss how exploits work. Don't miss this one! 
>
> Join us: Tuesday, May 11, 4pm, NSF Stafford I, Room 110.  
>
> Cheers,
> --Carl
>
> P.S. Next month's date is June 8; Paul Syverson of the Naval Research
> Laboratory will speak.
>
> P.P.S. Is there a topic you would like to see discussed at 
> WATSH or a talk
> you would like to give? If so, send me an email at [EMAIL PROTECTED]
>
>
> ******************************************************************
> TWENTY SIXTH Washington Area Trustworthy Systems Hour (WATSH)
> ****************************************************************** 
>
> Gary McGraw, Ph.D.
> Chief Technology Officer, 
> Cigital, Inc.
>
> will speak on
>
> ******************************************************************
> Exploiting Software: How to Break Code
> ******************************************************************
> Tuesday, May 11, 4pm
> NSF Stafford I, Room 110
> ******************************************************************
>
> Software vulnerability and software exploit are the root cause of a
> majority of computer security problems.   But how does software break?
> How do attackers make software break on purpose?  What tools 
> can be used
> to break software?  This talk is about making software beg for mercy.
> You will learn:
> *     Why software exploit will continue to be a serious problem
> *     When network security mechanisms fail
> *     How attack patterns can be used to build better software
> *     Why reverse engineering is an essential skill
> *     Why rootkits are the apex of software exploit, and how they work
> *     Why the only answer is building better software
> Some may argue that discussing software exploit in public is 
> a bad idea.
> In fact, it's impossible to protect yourself if you don't know what
> you're up against.  Come find out for yourself.
>
> About the speaker:
>
> Dr. Gary McGraw
> http://www.cigital.com
> http://www.cigital.com/~gem
>
> Gary McGraw, Cigital, Inc.'s CTO, researches software 
> security and sets
> technical vision in the area of Software Quality Management.  
> Dr. McGraw is
> co-author of four popular books: Java Security (Wiley, 1996), 
> Securing Java
> (Wiley, 1999), Software Fault Injection (Wiley 1998), and 
> Building Secure
> Software (Addison-Wesley, 2001).  His fifth book, Exploiting Software
> (Addison-Wesley), was released in February 2004.  A noted authority on
> software and application security, Dr. McGraw consults with 
> major software
> producers and consumers.  Dr. McGraw has written over sixty 
> peer-reviewed
> technical publications and functions as principal 
> investigator on grants
> from Air Force Research Labs, DARPA, National Science 
> Foundation, and NIST's
> Advanced Technology Program.  He serves on Advisory Boards of 
> Authentica,
> Counterpane, Fortify Software, and Indigo Security as well as 
> advising the
> CS Department at UC Davis. Dr. McGraw holds a dual PhD in 
> Cognitive Science
> and Computer Science from Indiana University and a BA in 
> Philosophy from
> UVa.  He regularly contributes to popular trade publications 
> and is often
> quoted in national press articles.
>
> ***************************************************
> Check the WATSH Web page at (note: new URL 1/9/04): 
> http://www.cise.nsf.gov/events/lec/lectures.cfm 
> (scroll down) for information on past talks, including copies 
> of visuals. 
> Webcasts archive (note: new URL 1/9/04):
> http://hpn.east.isi.edu/events.html
> ****************************************************
> WATCH WATSH ON THE WEB
> We plan to archive streaming video of this seminar for later viewing
> ****************************************************
> Directions to NSF:
> http://www.nsf.gov/home/visit/start.htm
> ****************************************************
> Sign up for the WATSH mailing list:
> To subscribe to the WATSH meeting announcement list server, 
> simply send a blank email message to: 
> [EMAIL PROTECTED]
> No subject or message body is necessary.
> ****************************************************


----------------------------------------------------------------------------
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.
Thank You.
----------------------------------------------------------------------------