- Montréal 2012
In this session, we will discuss how to assure the security and quality of code through the use of static analysis and the application of software code governance. Attendees will learn how static analysis can be used to find and address defects that could become security vulnerabilities while the code is still in development. We will also discuss how to assess the security of code coming from the open source. We’ll look at some specific issues which could become security vulnerabilities that we found in some of the leading open source projects through the Scan initiative.
Finally we’ll present some case studies of customers who have implemented static analysis with software code governance. We’ll discuss how to establish and enforce quality and security thresholds for managing the software assurance of internally developed code and third-party code.
Voir les 161 présentations
Asya Kamsky is a Senior Solutions Architect for Coverity, a leader in development testing. Ms. Kamsky's career has spanned work in software quality, networking, databases, security and the Web including established companies like Cisco, GE and DEC and start-ups like E-Greetings, Elemental Security, RouteScience and TGV Inc.
Ms Kamsky received A.B. in Computer Science from Cornell University and M.S. from NYU. In 2000, she received Computerworld Smithsonian medal for excellence in IT.