Software

With virtualization, mobile apps, and agile dev platforms, software increasingly defines business. Take advantage of our expert guidance for developing, managing, and monetizing software.

  • Webcasts // Aug 2015

    Webcast: HP Support Desk Reduces Mean Time to Repair by 90% with Operations Analytics

    With over 150,000 cases to solve a year, HP's Support desk needed a better way to troubleshoot and find answers for their customers. Engineers at HP’s Current Product Engineering handle level 3 case escalations, and they decided to embark on a pilot to determine how HP Operations Analytics can help...

    Sponsored By Hewlett-Packard (HP)

  • Webcasts // Jun 2015

    IBM Webcast : Advanced Analytics at Scale

    Wednesday, June 17, 2015 1:00 PM EDT / 10:00 PM PDT Duration: 30-Minutes As the volume, variety and velocity of information increases, a larger burden is placed on organizations to distribute the right information, at the right time, to the people, processes and applications that rely on it to...

    Sponsored By IBM

  • Webcasts // Jun 2015

    Free Webcast : Advanced Analytics at Scale with IBM: Because Business Outcomes Matter

    Wednesday, June 17, 2015 1:00 PM EDT / 10:00 PM PDT Duration: 30-Minutes As the volume, variety and velocity of information increases, a larger burden is placed on organizations to distribute the right information, at the right time, to the people, processes and applications that rely on it to...

    Sponsored By IBM

  • Webcasts // Jun 2015

    Webcast: Advanced Analytics at Scale with IBM: Because Business Outcomes Matter

    Wednesday, June 17, 2015 1:00 PM EDT / 10:00 PM PDT Duration: 30-Minutes As the volume, variety and velocity of information increases, a larger burden is placed on organizations to distribute the right information, at the right time, to the people, processes and applications that rely on it to...

    Sponsored By IBM

  • Webcasts // Jun 2015

    On-Demand Webcast: How to put IBM Watson to work for powerful information access and insights

    Most organizations struggle to deliver the information and insights their front-line staff need for top performance. The challenges that must be overcome are the amount of information that needs to be digested; the fact that it is scattered among many different silos and across hybrid cloud infrastructures; and the...

    Sponsored By IBM

  • Webcasts // May 2015

    Master the Mobile Mindshift

    Engineer your business to win the mobile moment Mobility has produced a mind shift with your customers. They have become the consumers of now. They demand an exceptional mobile user experience anytime and anywhere. Forrester Research calls this the mobile moment, a point in time when...

    Sponsored By Hewlett-Packard (HP)

  • Webcasts // Aug 2015

    Secure Software Development

    Developing software is hard, and there are lots of different facets to consider. In this webcast, the presenter will explain about how to think about security during the software development lifecycle, hopefully making software more secure.

    Provided By SecurityTube.net

  • Webcasts // Aug 2015

    Low-Level Software Security: Attacks and Countermeasures

    In this webcast, the presenter will introduce common low-level security problems and solutions by example. Focusing on the C language, the presenters will discuss four common attack techniques that attackers can use to gain control over the execution of software: return address clobbering, where an attacker gains control by overwriting...

    Provided By SecurityTube.net

  • Webcasts // Aug 2015

    Authorization With Oauth 2.0

    OAuth 2.0 is an open standard for authorization and is becoming the de facto standard to integrate with social media like Facebook and Twitter. It allows users to share private resources between sites without having to hand out their credentials. In this webcast, the presenters will describe how OAuth works...

    Provided By SecurityTube.net

  • Webcasts // Apr 2015

    New Insights for Driving Cloud Strategy

    You don’t know what you don’t know! New insights for driving cloud strategy through analysing existing behavior. You can’t manage what you can’t measure and most of us find it difficult to formulate a strong cloud policy to complement what we’ve been doing in-house because it’s difficult to understand how...

    Provided By Hewlett-Packard (HP)

  • Webcasts // Mar 2015

    Secure and Private Outsourcing to Untrusted Cloud Servers

    Storage and computation outsourcing to cloud servers has become very popular due to the large volume of data that needs to be hosted at cloud servers and the intent to employ servers to perform computational work for clients. However, many clients are still reluctant to do so due to their...

    Provided By SecurityTube.net

  • Webcasts // Mar 2015

    Reverse Engineering with Powershell

    Whether the users are performing incident response, black box code analysis, or analyzing malicious code, PowerShell is a powerful tool to add to the users reverse engineering tool arsenal. In this webcast, the presenter will explain how to use PowerShell to analyze binary file formats and reverse engineer managed and...

    Provided By SecurityTube.net

  • Webcasts // Mar 2015

    Monitoring Using Powershell

    In this webcast, the presenter will give real world examples of how to use PowerShell for monitoring servers, websites, active directory, exchange, DNS, DHCP, anti-virus, WSUS patching, and notification using email and websites.

    Provided By SecurityTube.net

  • Webcasts // Mar 2015

    Advanced Powershell Threat - Lethal Client Side Attacks Using Powershell

    Powershell is an ideal platform for client side attacks as it is available on all the Windows machines. The presenter would see how easy and effective it is to use Powershell for various client side attacks like drive-by-downloads, malicious attachments, Java applets, human interface devices etc.

    Provided By SecurityTube.net

  • Webcasts // Feb 2015

    On the Effectiveness of Full-ASLR on 64-Bit Linux

    The effectiveness of ASLR hinges on the entirety of the address space layout remaining unknown to the attacker. Only executables compiled as Position Independent Executable (PIE) can obtain the maximum protection from the ASLR technique since all the sections are loaded at random locations. The presenter has identified a security...

    Provided By SecurityTube.net

  • Webcasts // Feb 2015

    Ruby Meta-Programming: Here's How to Do It Wrong

    Ruby is a powerful programming language, it includes way to write dynamic code at run time, this is called meta-programming. Meta-programming, everyone's favorite Rubyism to hate. It can lead to less code, more abstraction and tears of pain and sorrow. During the review of lots of rails and ruby applications...

    Provided By SecurityTube.net

  • Webcasts // Feb 2015

    Understanding a New Memory Corruption Defense: Use-After-Free (UAF) Mitigation and Bypass

    Memory corruption has plagued computers for decades. These software bugs can often be transformed into working cyber-attacks. High-level protections, such as anti-virus, have done little to stop the tide. Recent low-level protections such as non-executable memory and module randomization have helped.

    Provided By SecurityTube.net

  • Webcasts // Feb 2015

    NACL: A New Crypto Library

    NaCl (pronounced \"Salt\") is a new easy-to-use high-speed software library for encryption, decryption, signatures, etc. NaCl's goal is to provide the entire core operations needed to build higher-level cryptographic tools. Of course, other libraries already exist for these core operations, but NaCl improves security, improves usability, and improves speed.

    Provided By SecurityTube.net

  • Webcasts // Feb 2015

    The Windows Sandbox Paradox

    More user applications are relying on sandboxes to limit the damage remote code execution vulnerability can inflict. It started with Web browsers such as with Internet Explorer's protected mode and now covers many different applications. Unfortunately the Windows operating system isn't well matched to providing secure sandboxing.

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    Powershell and You: Using Microsoft's Incident Response Language

    Anyone can write useful security tools in PowerShell. With just a little bit of knowledge the user can automate almost anything. From advanced post-exploitation tasks to incident response tools, they can do it with PowerShell. This webcast will explain why they should learn a new language and cover the basics...

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    An Open Hardware and Software Platform, Based on the (Nominally) Closed-Source MT6260 SoC

    In this webcast, the presenter will introduce Fernvale, a reverse-engineered, open hardware and software platform based upon Mediatek's MT6260 value phone SoC. The MT6260 is the chip that powers many of the $10 GSM feature phones produced by the Shanzhai. Fernvale is made available as open-licensed schematics, board layouts, and...

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    Attacks on UEFI Security, Inspired by Darth Venamis's Misery and Speed Racer

    On modern Intel based computers there exist two powerful and protected code regions: the UEFI firmware and System Management Mode (SMM). UEFI is the replacement for conventional BIOS and has the responsibility of initializing the platform. SMM is a powerful mode of execution on Intel CPUs that is even more...

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    Finding the Weak Crypto Needle in a Byte Haystack

    Using the same stream cipher key twice is known to be a very bad idea, but keystream-resuse vulnerabilities are still very much a thing of the present - both in legitimate software and in the malware landscape. In this webcast, the presenter will describe a heuristic algorithm which can detect...

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    Cyber Necromancy - Reverse Engineering Dead Protocols

    Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers. In this webcast, the presenters will go into the gruesome details of how they dug through the graveyards of console binaries and mausoleums of forgotten network protocols in order to stitch...

    Provided By SecurityTube.net

  • Webcasts // Jan 2015

    Reproducible Builds - Moving Beyond Single Points of Failure for Software Distribution

    Software build reproducibility is the ability to use independent build machines to compile bit-identical binaries from program source code. In this webcast, the presenters will discuss the motivation for and the technical details behind software build reproducibility. They will describe the technical mechanisms used by the Tor project to produce.

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Abuse of Blind Automation in Security Tools

    It is impossibly overwhelming for security personnel to manually analyze all of the data that comes to them in a meaningful way. Intelligent scripting and automation is key. This webcast aims to be a humorous reminder of why the word \"Intelligent\" really matters; the user's security devices might start doing...

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Abusing Software Defined Networks

    Software Defined Networking (SDN) transfers all forwarding decisions to a single controller and provides the network with the same degree of control and flexibility as the cloud. And with all the major vendors onboard, it will soon be supporting networks everywhere. But current implementations are full of weaknesses that could...

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Android Hacker Protection Level 0

    Have no fear, after drinking all the cheap wine two Android hackers has attacked all the protectors currently available for everyone's enjoyment! Whether the user have never reversed Android before or are a hardened veteran there will be something for the user, along with all the glorious PoC tools and...

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Extreme Privilege Escalation on Windows 8/UEFI Systems

    It has come to light that state actors install implants in the BIOS. Let no one ever again question whether BIOS malware is practical or present in the wild. However, in practice attackers can install such implants without ever having physical access to the box. Exploits against the BIOS can...

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Getting Windows to Play with Itself: A Hacker's Guide to Windows API Abuse

    Windows APIs are often a blackbox with poor documentation, taking input and spewing output with little visibility on what actually happens in the background. By analyzing (and abusing) the underlying functionality of these seemingly benign APIs, the presenter can effectively manipulate Windows into performing stealthy custom attacks bypassing the latest...

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Some Vulnerabilities are Different Than Others Studying Vulnerabilities and Attack Surfaces in the Wild

    The security of deployed and actively used systems is a moving target, influenced by factors not captured in the existing security metrics. For example, the count and severity of vulnerabilities in source code, as well as the corresponding attack surface, are commonly used as measures of a software product's security....

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    What Happens in Windows 8 Stays in Windows 8

    Systems evolve over time, patches are applied, holes are fixed and new features are added. Windows 10 is the new flagship product of Microsoft, and as prepared as it can be for a world of white-, grey- and black-hat hackers.

    Provided By SecurityTube.net

  • Webcasts // Dec 2014

    Test Driven Security Testing

    As more and more businesses are moving to rapid application development frameworks, and methodologies. The presenter find that testing within these constructs to become more difficult due to shorter cycles, incomplete applications, limited staff and resources. How do they test within these frameworks leveraging existing people, and infrastructure to provide...

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Security Model Bedfellows

    The penetration test finds a bug in the code that was coded four months ago and could have been prevented a year ago during requirements gathering. The vendor says they will fix it shortly after the software launches - if a change order is issued and they're paid for their...

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Automatically Detecting Vulnerable Websites Before They Turn Malicious

    Significant recent research advances have made it possible to design systems that can automatically determine with high accuracy the maliciousness of a target website. While highly useful, such systems are reactive by nature. In this webcast, the presenter will take a complementary approach, and attempt to design, implement, and evaluate...

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Epidemiology of Software Vulnerabilities: A Study of Attack Surface Spread

    Many developers today are turning to well established third-party libraries to speed the development process and realize quality improvements over creating an in-house proprietary font parsing or image rendering library from the ground up. Efficiency comes at a cost though: a single application may have as many as 100 different...

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    GRR Find All the Badness, Collect All the Things

    In this webcast, the presenter will introduce GRR capabilities with some use cases and discuss the difficulties of running the tool across different environments. The presenter will explain and demonstrate GRR artifact collection as well as talk about some of the aspects that make artifacts powerful but challenging to implement.

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Digging for IE11 Sandbox Escapes Part 1

    Microsoft started the first of their new bug-bounty programs, focusing on finding vulnerabilities in IE11 on the upcoming Windows 8.1 OS. Rather than spending time fuzzing for RCEs, the presenter focused on pure logic bugs and the best place to find them was in the sandbox implementation.

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Digging for IE11 Sandbox Escapes Part 2

    In this webcast, the presenter undertake to find these vulnerabilities, giving time to go in-depth on how to investigate the IE11 sandbox, run the users own code and analyze the attack surface. Sample source code for all issues will be provided for use to allow the users to test the...

    Provided By SecurityTube.net

  • Webcasts // Nov 2014

    Exploiting Unpatched iOS Vulnerabilities for Fun and Profit

    Patching all vulnerabilities for a modern, complex software system (i.e., Windows, iOS) is often difficult due to the volume of bugs and response time requirements. Instead, software vendors usually devise quick workarounds to mitigate the exploitation of a given vulnerability. However, those patches are sometimes incomplete, and attackers can utilize...

    Provided By SecurityTube.net