| Num | Date | Topic | Reading | Notes | Lab | Assignment |
|-----|------|-------|---------|-------|-----|------------|
| 0 | 2009-01-12 | Software Security | McGraw ch1, ch3 | SoftwareSecurity | | |
| 1 | 2009-01-14 | Code Reviews | Chess ch 1-3 | CodeReviews | Code Review | |
| 2 | 2009-01-21 | Code Reviews | Chess ch 4 | StaticAnalysis | | |
| 3 | 2009-01-26 | Static Analysis | McGraw ch 4 | | Static Analysis | |
| 4 | 2009-01-28 | Snow Day | | | | |
| 5 | 2009-02-09 | Handling Input | Chess ch 5 | InputValidation | | |
| 6 | 2009-02-11 | Cross-Site Attacks | XSS Attacks, ch 3 | CrossSiteAttacks | | |
| 7 | 2009-02-16 | Architectural Risk Analysis | McGraw ch 5 | RiskAnalysis | | a1 |
| 8 | 2009-02-18 | Protection Poker | 1. Protection Poker; 2. iTrust Medical Care Requirements Specification | ProtectionPoker | Protection Poker | |
| 9 | 2009-02-23 | Penetration Testing | McGraw ch 6 | | AppScan | |
| 10 | 2009-02-25 | Security Testing | McGraw ch 7 | SecurityTesting | | |
| 11 | 2009-03-02 | Attack Surface | Measuring the Attack Surfaces of Two FTP Daemons | AttackSurface | | |
| 12 | 2009-03-16 | Web Applications | Chess ch 9 | HTTP_Server_Security | Pen Test Tool Demo | a2 |
| 13 | 2009-03-18 | Web Services | Chess ch 10 | WebServices | | |
| 14 | 2009-03-23 | Midterm Exam | | | | |
| 15 | 2009-03-25 | Security Requirements | McGraw ch 8 | Requirements | | |
| 16 | 2009-03-30 | Secure Design | BSI: Secure Design Principles | SecureDesign | | |
| 17 | 2009-04-01 | Secure Design Patterns | 1. Security Patterns for Input Validation; 2. The Security Architecture of qmail | SecureDesignPatterns | | |
| 18 | 2009-04-06 | Buffer Overflows | Chess ch 6 | BufferOverflows | | |
| 19 | 2009-04-08 | Integer Overflows | Chess ch 7 | IntegerOverflows | | |
| 20 | 2009-04-13 | Error Handling, Privacy | Chess ch 8, 11 | ErrorHandling | | |
| 21 | 2009-04-15 | Privileged Programs | Chess ch 12 | PrivilegedPrograms | | |
| 22 | 2009-04-20 | Metricon | | | | |
| 23 | 2009-04-22 | Authentication | | Authentication | | a3 |
| 24 | 2009-04-27 | Access Control | | AccessControl | | |
| 25 | 2009-04-29 | Security Operations | McGraw ch 9-10 | SecurityOperations | | |
 

©2009 James Walden, Ph.D.