CSC 666 -- Secure Software Engineering: Schedule | |||||||
|
|||||||
Num | Date | Topic | Reading | Notes | Lab | Assignment |
---|---|---|---|---|---|---|
0 | 2009-01-12 | Software Security | McGraw ch1, ch3 | SoftwareSecurity | ||
1 | 2009-01-14 | Code Reviews | Chess ch 1-3 | CodeReviews | Code Review | |
2 | 2009-01-21 | Code Reviews | Chess ch 4 | StaticAnalysis | ||
3 | 2009-01-26 | Static Analysis | McGraw ch 4 | Static Analysis | ||
4 | 2009-01-28 | Snow Day | ||||
5 | 2009-02-09 | Handling Input | Chess ch 5 | InputValidation | ||
6 | 2009-02-11 | Cross-Site Attacks | XSS Attacks, ch 3 | CrossSiteAttacks | ||
7 | 2009-02-16 | Architectural Risk Analysis | McGraw ch 5 | RiskAnalysis | a1 | |
8 | 2009-02-18 | Protection Poker | ProtectionPoker | Protection Poker | ||
9 | 2009-02-23 | Penetration Testing | McGraw ch 6 | AppScan | ||
10 | 2009-02-25 | Security Testing | McGraw ch 7 | SecurityTesting | ||
11 | 2009-03-02 | Attack Surface | Measuring the Attack Surfaces of Two FTP Daemons | AttackSurface | ||
12 | 2009-03-16 | Web Applications | Chess ch 9 | HTTP_Server_Security | Pen Test Tool Demo | a2 |
13 | 2009-03-18 | Web Services | Chess ch 10 | WebServices | ||
14 | 2009-03-23 | Midterm Exam | ||||
15 | 2009-03-25 | Security Requirements | McGraw ch 8 | Requirements | ||
16 | 2009-03-30 | Secure Design | BSI: Secure Design Principles | SecureDesign | ||
17 | 2009-04-01 | Secure Design Patterns | SecureDesignPatterns | |||
18 | 2009-04-06 | Buffer Overflows | Chess ch 6 | BufferOverflows | ||
19 | 2009-04-08 | Integer Overflows | Chess ch 7 | IntegerOverflows | ||
20 | 2009-04-13 | Error Handling, Privacy | Chess ch 8, 11 | ErrorHandling | ||
21 | 2009-04-15 | Privileged Programs | Chess ch 12 | PrivilegedPrograms | ||
22 | 2009-04-20 | Metricon | ||||
23 | 2009-04-22 | Authentication | Authentication | a3 | ||
24 | 2009-04-27 | Access Control | AccessControl | |||
25 | 2009-04-29 | Security Operations | McGraw ch 9-10 | SecurityOperations |