Running a Software Security Program with Open Source Tools

I had the opportunity to speak to the Austin ISC(2) SDLC event today. The talk I gave was a cut-down (45 minutes) version of a two-day class we’ve given called “Running a Software Security Program on Open Source Tools” The slides from the presentation are online here:

We also decided to release the slides from the full, two-day, hands-on course and those can be found here:

We have a course VM we’d be happy make available upon request.

One of the challenges with this course was keeping the materials up to date as new versions of the tools were released. If anyone is interested in helping out please just let us know and we can get you access to a Powerpoint version of the slides. The best way is probably to reach out to me via email:

Thanks for the ISC(2) folks for the opportunity to speak today. I had a great time and the other presenters were fantastic. Contact us for more information on using open source tools to jump start your software security program.