Microsoft SDL Verification Phase: Security Practices
In this video, Aviram Jenik, CEO, Beyond Security, talks about processes that help build secure systems, focusing on the Verification phase of the Microsoft Security Development Lifecycle. Aviram discusses the concept of “black box” testing, explains the importance of testing data entry endpoints with good, bad and fuzzed input, and points to the tools that can assist with these tasks. On a practical side, Aviram shows a detailed demo of “JPG fuzzing”, generating malformed images, and identifying vulnerabilities in image processing application.
Published Date: December 15, 2010
Presented By: Aviram Jenik
Tags: Zune , IPOD , TwC , Trustworthy Computing , SDL , Security Development Lifecycle , Videos , TechNet Edge , SDL Pro Network , Beyond Security , Aviram Jenik