Secure Design/Development/Testing/Deployment Challenges

Venkat Pothamsetty

Abstract:
"Acheving security" is a very complex and difficult task at a product oriented company. There is no single silver bullet solution to "acheving security", and such a term does not even make sense. There is no silver bullet solution not because of the absence of solutions, but because
  1. There is no end to the goal of "acheving security",
  2. Security is not a feature that can be implemented and forgotten and
  3. The product's life cycle is involved with complex tasks, its deployed environment and threats that it will face are ever changing.

Security should be integrated as a process into each stage of the product's life cycle, from development of the product to deployment and supporting the product. The talk will focus on the challenges that a product oriented company will face when it thinks about security, vareity of solutions at various stages of product's life cycle that will help to solve those challenges.

Biography of Mr. Pothamsetty

Did his Bachelors in Electrical Engineering in India, Masters in Computer Engineering from Wright State University, M.S thesis is titled "Laboratory Setup for Courses on Internet Security". Joined at Cisco right after completion of masters, worked in a security testing group, called STAT for a couple of years and moved to CIAG. Interested in security : Security testing, Security education, Control systems and SCADA security.

IA Colloquium Home Page return to Information Assurance Colloquium Home Page