Software Engineering Institute

About the Webcast

In this webcast, David Svoboda (CERT Secure Coding) and Arthur Hicken (Parasoft) review the SEI CERT C Coding Standard and why it is necessary. They also cover how to best configure static analysis tools to conform to the SEI CERT C Coding Standard to minimize the noise and effort required to achieve compliance.

What attendees will learn

• why secure coding is important
• how the SEI CERT C Coding Standard is organized
• how static analysis can enforce the SEI CERT C Coding Standard

Who should attend?

• developers
• cybersecurity professionals
• development managers

About the Speakers

David Svoboda is a software security engineer at the CERT Division of the Software Engineering Institute. He co-authored or contributed to four books, including The SEI CERT C Coding Standardand The CERT Oracle Secure Coding Standard for Java. He also maintains the SEI CERT Coding Standards wiki and has taught Secure Coding in C and C++ all over the world to various groups in the military, government, and banking industries. 

David is also involved in several ISO standards groups: the JTC1/SC22/WG14 for standardizing C and the JTC1/SC22/WG21 for standardizing C++.

Arthur Hicken has served Parasoft in a technical capacity for over 25 years. He has worked on several projects for the company, including those that addressed the software development lifecycle, test automation, static analysis research and development, and software security.

Additionally, Arthur developed and conducted several technical training courses for Parasoft’s professional services and technical sales associates. He is well versed in programming languages that are commonly used for embedded as well as web applications, including C, C++, and Java. He published several papers and speaks frequently on software testing, development strategies, software compliance, and security best practices.