CSC 666 -- Secure Software Engineering: Schedule | |||||||
|
|||||||
| Num | Date | Topic | Reading | Notes | Lab | Assignment |
|---|---|---|---|---|---|---|
| 0 | 2009-01-12 | Software Security | McGraw ch1, ch3 | SoftwareSecurity | ||
| 1 | 2009-01-14 | Code Reviews | Chess ch 1-3 | CodeReviews | Code Review | |
| 2 | 2009-01-21 | Code Reviews | Chess ch 4 | StaticAnalysis | ||
| 3 | 2009-01-26 | Static Analysis | McGraw ch 4 | Static Analysis | ||
| 4 | 2009-01-28 | Snow Day | ||||
| 5 | 2009-02-09 | Handling Input | Chess ch 5 | InputValidation | ||
| 6 | 2009-02-11 | Cross-Site Attacks | XSS Attacks, ch 3 | CrossSiteAttacks | ||
| 7 | 2009-02-16 | Architectural Risk Analysis | McGraw ch 5 | RiskAnalysis | a1 | |
| 8 | 2009-02-18 | Protection Poker | ProtectionPoker | Protection Poker | ||
| 9 | 2009-02-23 | Penetration Testing | McGraw ch 6 | AppScan | ||
| 10 | 2009-02-25 | Security Testing | McGraw ch 7 | SecurityTesting | ||
| 11 | 2009-03-02 | Attack Surface | Measuring the Attack Surfaces of Two FTP Daemons | AttackSurface | ||
| 12 | 2009-03-16 | Web Applications | Chess ch 9 | HTTP_Server_Security | Pen Test Tool Demo | a2 |
| 13 | 2009-03-18 | Web Services | Chess ch 10 | WebServices | ||
| 14 | 2009-03-23 | Midterm Exam | ||||
| 15 | 2009-03-25 | Security Requirements | McGraw ch 8 | Requirements | ||
| 16 | 2009-03-30 | Secure Design | BSI: Secure Design Principles | SecureDesign | ||
| 17 | 2009-04-01 | Secure Design Patterns | SecureDesignPatterns | |||
| 18 | 2009-04-06 | Buffer Overflows | Chess ch 6 | BufferOverflows | ||
| 19 | 2009-04-08 | Integer Overflows | Chess ch 7 | IntegerOverflows | ||
| 20 | 2009-04-13 | Error Handling, Privacy | Chess ch 8, 11 | ErrorHandling | ||
| 21 | 2009-04-15 | Privileged Programs | Chess ch 12 | PrivilegedPrograms | ||
| 22 | 2009-04-20 | Metricon | ||||
| 23 | 2009-04-22 | Authentication | Authentication | a3 | ||
| 24 | 2009-04-27 | Access Control | AccessControl | |||
| 25 | 2009-04-29 | Security Operations | McGraw ch 9-10 | SecurityOperations |