Organizations are becoming increasingly aware of the importance of secure coding. Secure coding includes software development principles in an effort to minimize the introduction of vulnerabilities within software applications. One of the most common software vulnerabilities is insufficient input validation, which accounts for 50 percent of the most critical vulnerabilities reported to the National Vulnerability Database from 2011 to 2015. Poor input validation is a decades old challenge and to that point, is believed to have caused a glitch within a medical device during the 80s that resulted in patients being over-radiated. Additionally, a failed space launch (including ten years of lost productivity) was also blamed on this same issue and resulted in a $7 billion loss. In this webinar, AIS’s Thomas Dube will showcase an input validation failure by demonstrating a known command injection vulnerability (CVE-2015-5083) within an open-source firewall application. Thomas will then discuss methods of input validation, while demonstrating AIS’s efforts to reduce the likelihood of this critical vulnerability.
Host a Webinar with CSIAC
Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?
Want to find out more about this topic?
Request a FREE Technical Inquiry!