Today at the meshU conference I gave a talk about secure programming, with a focus on the web. There were 2 token slides for the C and C++ devs out there, which ended up working perfectly because there were only two people in the room who wrote C/C++ 🙂
I mostly touched on stuff from OWASP's vast collection of resources, specifically their top ten principles of secure programming and their top ten web application vulnerabilities. Slides are after the jump, but I wanted to include some related links to things which came up during the talk:
- SANS says to have good, visible security contact info
- Some more web app hacking learning resources from RSnake
Enjoy the slides! Slideshare messed up the formatting of the additional notes, so for full effect I’d download them from here.
Continue reading “meshU 2009 – writing (more) secure software”