The majority of hacker attacks (70 %) are directed at weaknesses that are the result of problems in the implementation and/or architecture of the application. This session shows how you can protect your web applications (J2EE or .NET) against these attacks. The session covers lots of practical examples and techniques for attack. Furthermore, it shows strategies for defense, including a “Secure Software Development Lifecycle”. A “Live Hacking” demo rounds it out.
This episode features a discussion with Dan Grossman about an essay paper he wrote for this year’s OOPSLA conference. The paper is about an analogy between garbage collection and transactional memory. In addition to seeing the beauty of the analogy, the discussion also serves as a good introduction to transactional memory (which was mentioned in the Goetz/Holmes episode) and – to some extent – to garbage collection.