Fortify Software to Keynote Front Range OWASP Application Security Conference 2010

DENVER, June 2 /PRNewswire/ -- No matter how proficient programmers are at making secure software, it will never be perfect—we will always have to contend with incomplete or inadequate code. Most efforts at dealing with bad code have focused on shoring it up from the outside: limiting network access or watching for suspicious behavior. For years we have focused on eliminating well-known classes of defects, such as SQL injection and cross-site scripting (XSS) and while this is a battle worth fighting, we will never be able to make perfect software. When it comes to cloud computing, these defects are even uglier because it's harder to defend against them with network devices and cloud-ready code needs to take its security with it wherever it goes. This puts additional focus on some old refrains (eliminate defects early) and creates a new emphasis on creating software that's able to defend itself.

Brian Chess, Co-founder and Chief Scientist of Fortify Software, will present the keynote, "Watching Software Run: Beyond Defect Elimination," at the third annual Front Range OWASP Application Security Conference, co-organized with the Cloud Security Alliance.  During his talk, Chess will discuss building software that allows us to compensate for defects after it has been written, covering the latest techniques for identifying and blunting the effects of software shortcomings from the inside by watching the software run. The session will also examine the importance of "cloud-ready" software - creating code that is ready for a cloud environment.

SOURCE Fortify Software