Running a Software Security Program with Open Source Tools

I had the opportunity to speak to the Austin ISC(2) SDLC event today. The talk I gave was a cut-down (45 minutes) version of a two-day class we’ve given called “Running a Software Security Program on Open Source Tools” The slides from the presentation are online here:

We also decided to release the slides from the full, two-day, hands-on course and those can be found here:

We have a course VM we’d be happy make available upon request.

One of the challenges with this course was keeping the materials up to date as new versions of the tools were released. If anyone is interested in helping out please just let us know and we can get you access to a Powerpoint version of the slides. The best way is probably to reach out to me via email: dan@denimgroup.com.

Thanks for the ISC(2) folks for the opportunity to speak today. I had a great time and the other presenters were fantastic. Contact us for more information on using open source tools to jump start your software security program.

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

One Response to “Running a Software Security Program with Open Source Tools”

  1. Blessen Thomas

    Hi Team ,

    Thanks for the amazing project.
    I am very happy to see the presentations.
    I would like to try this distro and also contribute to this project.

    Could you please provide me a copy of virtual machine & slides so that I can try it out.

    Hope to hear from you soon.

Leave a Reply

Your email address will not be published. Required fields are marked *