This video by Simon Roses Femerling from OWASP AppSec USA will cover the current state of verification technologies that developers can use to check the lack of security mitigations (ASLR, DEP, SafeSEH, Stack Guard, PIE, etc.) and vulnerabilities (Missing Code Signing, Insecure API, DLL planting, poor coding, etc.) and how to implement a battery of tests in their organization to verify their products are safe before releasing as required by an Application Assurance process.
Simon presents BinSecSweeper, a tool that performs security binary analysis. It's open source and cross platform (Windows and Linux) and can scan PE & ELF file formats for x86-64 that can be used by developers to check their software. It includes security mitigations and is compliance with Application Assurance best practices or by IT pros to identify insecure applications in their networks.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.