Aaron Poffenberger

I submitted a talk proposal to BSidesSATX (San Antonio) but it was not accepted, until just a few minutes ago. Or to be more precise, it wasn't accepted but another speaker couldn't make it. I just received an email asking whether I could still speak.

I'll be in San Antonio this weekend speaking 14:00 - 15:00 on the same topic as Austin: "I'm a Software Developer. What Do You Mean I'm on the Blue Team?" What we can learn in a red/blue world.


It's tempting to think as software developers we've done everything possible to secure our product once we've eliminated (or tried to eliminate) buffer overflows, implemented encryption and a dozen other secure-development practices. But is that all there is to developing secure software?

In this talk Aaron discusses software development in context of red-team/blue-team exercises. He contends that developers are with few exceptions always members of the blue team and that that role brings with it obligations and opportunities to improve software security.