Running a Software Security Program with Open Source Tools

I had the opportunity to speak to the Austin ISC(2) SDLC event today. The talk I gave was a cut-down (45 minutes) version of a two-day class we’ve given called “Running a Software Security Program on Open Source Tools.” The slides from the presentation are online here:

We also decided to release the slides from the full, two-day, hands-on course and those can be found here:

We have a course VM we’d be happy to make available upon request.

One of the challenges with this course was keeping the materials up to date as new versions of the tools were released. If anyone is interested in helping out, please just let us know and we can get you access to a PowerPoint version of the slides. The best way is probably to reach out to me via email:

Thanks to the ISC(2) folks for the opportunity to speak today. I had a great time and the other presenters were fantastic. Contact us for more information on using open source tools to jump-start your software security program.

About John Dickson

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd, the parent company of ThreadFix. He has more than 20 years' hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSOs) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.