Securing Software by Construction: From Research to Industry - Philly ETE 2016

Explore a comprehensive examination of securing software by construction in this 54-minute conference talk from Philly ETE 2016. Delve into technical ideas from research that aid in building secure software from the ground up, addressing the challenges of protecting sensitive data and navigating complex policy requirements. Learn about innovative approaches like the Jeeves language and execution model, which allows programmers to attach policies directly to data. Discover the practical challenges of implementing research prototypes in production environments and the lessons learned from these experiences. Gain insights into the development of Jacqueline, a policy-agnostic web framework, and understand the barriers to industry adoption of long-term security solutions. Examine the unique challenges faced by security startups and learn about the Cybersecurity Factory accelerator's efforts to bridge the gap between academia and industry. Reflect on the broader implications of security in software development and the need for a collective commitment to prioritizing secure practices in the tech industry.