[OWASP-Bangalore] Who is responsible for Application Security in the SDLC?

Don Cochran dcochran at scippinternational.org
Tue Jun 1 12:10:02 EDT 2010

As members of OWASP, this webinar might not be for you - as you already know
about the importance of security in web-applications - but what about
getting others involved? Ever wanted to get your Program Managers a little
more familiar with the principals of secure coding? How about QA or the
Architects?  And what about the Team Leads and certainly the new Developers
who you'll be working beside.


Why not suggest that they attend a webinar specifically tailored for them. 


Featured Webinar:  <http://www.brighttalk.com/webcast/20658> WHO IS
RESPONSIBLE FOR APPLICATION SECURITY in the Software Development Lifecycle?

Sponsored by: SCIPP International


WHEN: Live, June 3rd, 2:00 EST, or anytime after via Webcast


SPEAKER: Dow Williamson, CISSP, CSSLP, Executive Director of SCIPP


REGISTER: For Webinar version  <http://www.brighttalk.com/webcast/20658>
click here, for recorded Webcast version,
<http://www.brighttalk.com/webcast/20658> click here


About This 45-Minute Webinar

You will hear that application security is a "finger-pointing" blame game.
Traditional Security staff claim that it's the responsibility of the
Developers.  Developers say security is not mandated in the design specs.
And, Program Managers think security has to do with patches and virus
scanners. No one seems to know who is responsible - and typically, no one
steps up and takes responsibility. 

This webinar will explore how to change all of this through a three-tiered
approach - Awareness, Training, and Education. Depending on your role within
the SDLC, you have some responsibilities for security - but to what extent
is determined by various factors. Some may just need to be familiar with the
fundamentals of secure coding, while others may need in-depth training -
while even others may want a formalized education and possibly receive
certification of their skills and knowledge.

About the Speaker:
Dow Williamson, CISSP, CSSLP, Executive Director of SCIPP International

Dow Williamson has 20+ years of experience in the information security and
secure enterprise software industry. His career includes several years with
(ISC)2, RSA Security, Sun Microsystems, and as the head of cyber security
for the U.S. nuclear war plan at the Air Force's Strategic Air Command and
later at the United States Strategic Command (USSTRATCOM). In his current
role at SCIPP International, one of his focuses is ensuring that all SCIPP
certificate of training programs are ANSI-accredited in accordance with the
latest American National Standard.


Sponsored by: SCIPP International

SCIPP International is an ANSI-accredited, global non-profit organization
dedicated to solving information security problems where they need to be
solved - at the human level.  Based in Vienna, VA, with offices in London
and Hong Kong, SCIPP International delivers information security awareness,
training, and certification programs throughout the world. 


SCIPP International was formed to develop, define and promote best business
practices for security awareness training with a singular focus on
increasing understanding and instilling positive behavioral changes as they
relate to protecting information assets.


To unsubscribe from SCIPP Alerts,
OycYxqKGN5TotVqYrBzgbA> click here.


Don Cochran                                   

SCIPP International

1964 Gallows Road, Suite 320

Vienna, Virginia 22182

United States of America


+1 703.637.4422 (Direct)



Ansi100x100.jpg           SCIPP International

"The Security Awareness Certification Company"



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100601/acf91b68/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 2320 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100601/acf91b68/attachment.jpe 

More information about the OWASP-Bangalore mailing list