Thursday, May 21 • 15:45 - 16:30
Security Policy Management: Easy as PIE

Sign up or log in to save this to your schedule and see who's attending!

There are many security frameworks for web applications such as Content Security Policy (CSP), the Java Security Manager, and Spring Security. Effective use of these tools can mitigate or even eliminate entire classes of defects, but despite this they don't see widespread, standard use. This presentation discusses why this is, and focuses on one particular obstacle: defining a good security policy is hard. As part of this talk we present a new open-source tool, Policy Instantiation & Enforcement (PIE). PIE is designed as a generic tool which hooks into security managers and generates effective, simple, and verifiable security policies.

avatar for Ian Haken

Ian Haken

Ian Haken is a security researcher at Coverity where he develops tools and methods for application security, software analysis, and detection of security defects. Prior to working at Coverity, he received his Ph.D. in mathematics from the University of California, Berkeley... Read More →

Thursday May 21, 2015 15:45 - 16:30
E104&105 Amsterdam RAI

Attendees (0)