Zeroization – Cleaning up your secrets in memory

Security needs a preventative mindset. Develop one and make secure coding second nature!

In this webinar you will learn:

  • About the cat and mouse game of software security
  • Why it’s hard to get rid of data when you no longer need it
  • About the challenges of cleaning memory contents
  • About alternatives to string zeroization
  • How Cydrill courses can raise your paranoia to a healthy level and can contribute to your code hygiene

Outline

Secure data handling in Java

Introduction to software security

  • AppSec: The weakest link in cybersecurity
  • Outbound password management
  • Hard-coded passwords
  • Best practices
  • Demo – Hardcoded password
  • Protecting sensitive information in memory
  • Challenges in protecting memory
  • Storing sensitive data in memory
  • Demo – Using secret-handling classes in Java

Learning how not to code

Presenter: Balazs Kiss

Balazs has been working with software security for over 13 years as a security evaluator, researcher, and mentor. Recently he’s been focusing on helping developers learn about typical vulnerabilities to stop the problem literally at the source. To date, he has held more than 60 training courses of various sizes.