Close

Don't be the one: How one line of code can compromise your system integrity

(8R)

Stream: Virtual Room 8
Time: 16:30 - 17:30


Presentation

In the first section, Scott will cover how incorrect PC routine setup, incorrect SVC or PC parameter checking, incorrect index bounds checking, and incorrect length checking for buffer sizes can all lead to high severity security vulnerabilities and how to prevent it. In the second section, Mike will discuss how less obvious problems in authorized programs can compromise system integrity as well. We will also leave time for questions after each section. 

Attachments

8R Attachments

Speakers


  • Scott Woolley at IBM USA
  • Scott has worked in z/OS development for many years specializing in security, cryptography, and system automation. Since joining the z/OS Secure Engineering Team, he has been innovating local testing of authorized services.


    Email: swoolley@us.ibm.com

  • Michael P Kasper at IBM USA
  • Mike is the z/OS Secure Engineering Team Leader.  He started at IBM twenty three years ago working on TSO/E before being named TSO/E Team Leader in 2007.  In 2013 he joined the Secure Engineering Team and in 2020 he was named to his current role.  He enjoys breaking authorized programs and looking for evidence in IPCS.  In his spare time he enjoys sports or movies.


    Email: mkasper@us.ibm.com

  • Scott Woolley at IBM USA
  • Scott has worked in z/OS development for many years specializing in security, cryptography, and system automation. Since joining the z/OS Secure Engineering Team, he has been innovating local testing of authorized services.


    Email: swoolley@us.ibm.com

  • Michael P Kasper at IBM USA
  • Mike is the z/OS Secure Engineering Team Leader.  He started at IBM twenty three years ago working on TSO/E before being named TSO/E Team Leader in 2007.  In 2013 he joined the Secure Engineering Team and in 2020 he was named to his current role.  He enjoys breaking authorized programs and looking for evidence in IPCS.  In his spare time he enjoys sports or movies.


    Email: mkasper@us.ibm.com

    Feedback

    Click here to give some Feedback so we can make it even better next year!