[Owasp-board] Fortify proposed talk.

Dinis Cruz dinis at ddplus.net
Wed Apr 18 17:57:55 UTC 2007


Yes, I am just finishing the Excel doc

You can start reading them since there are lots of proposals (with very good
quality)
https://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Applications

Btw, the certification project is also one to consider (Matteo sent a
private email about that last month) since Vigilar (who will join as a
member) will assigin its membership fees to that project

We might need to change a couple a little bit in order to avoid some overlap
and to make sure we get the most out of it

Dinis


On 4/18/07, Jeff Williams <jeff.williams at aspectsecurity.com> wrote:
>
>  Yo D – isn't it about time to start grading the SpoC proposals?
>
>
>
> --Jeff
>
>
>
>
>
> *From:* Dinis Cruz [mailto:dinis at ddplus.net]
> *Sent:* Wednesday, April 18, 2007 1:52 PM
> *To:* Jeff Williams
> *Cc:* Dave Wichers
> *Subject:* Re: Fortify proposed talk.
>
>
>
> Me too
>
> Thanks cool
>
> On 4/18/07, *Jeff Williams* <jeff.williams at aspectsecurity.com> wrote:
>
> I know Brian pretty well and he does a nice job of talking about appsec
> without being too salesy.  I don't have any problem with the talk.
>
>
>
> --Jeff
>
>
>  ------------------------------
>
> *From:* Dave Wichers [mailto:dave.wichers at owasp.org]
> *Sent:* Tue 4/17/2007 9:15 PM
> *To:* Jeff Williams
> *Cc:* 'Dinis Cruz'
> *Subject:* Fortify proposed talk.
>
> I have 2 large speaking slots (1.25 hours) and a smaller slot (45 min)
> still
> to fill.
>
> What do you think about the proposed talk below? Although I agree with the
> premise of the talk, it has the danger of being a thinly veiled ad for
> Fortify's code analysis tools. However, even so, it might still be of
> interest to the OWASP conference audience.
>
> If I agree, I would think 40-45 minutes would be plenty of time for this.
>
> What do you think?
>
> -Dave
>
> p.s. If you don't like the proposed talk, I need some help filling some
> holes in the agenda.
>
> -----Original Message-----
> From: Justin Yu [ mailto:jyu at sterlingpr.com <jyu at sterlingpr.com>]
> Sent: Monday, April 09, 2007 12:04 PM
> To: Dave Wichers
> Subject: Re: Conference speaking opportunities
>
> Hi Dave,
>
> Please find Fortify Software's proposed speaking presentation abstract
> below.  I can supply you with a presentation and a white paper, at your
> request.  Fortify would love to have a speaking slot, if there are any
> available time slots left, as it would
> go well with our sponsorship. (Fortify is sponsoring both appsec
> conference
> in Italy and San Jose) Please let me know what you think.  Thanks for your
> help, Dave!
>
> Best,
>
> Justin
>
>
> Making Source Code Analysis Part of the Security Review Process
>
> Brian Chess
>
>
> How do you know if your software applications are secure? Source code
> analysis allows development organizations to manage software security by
> leveraging well-documented best practices that can be automated. This
> session will reveal how source code
> analysis can be a powerful tool for software security architects,
> developers
> and QA professionals by finding vulnerabilities throughout a code base.
> How
> do you know if your software applications are secure? Manual audits only
> cover a small percentage of
> the source code base and periodic checks only provide a snapshot in time.
> Source code analysis allows development organizations to manage software
> security by leveraging well-documented best practices that can be
> automated.
> This session will reveal how
> source code analysis can be a powerful tool for software security
> architects, developers and QA professionals by pinpointing security
> vulnerabilities throughout an entire code base as an integral part of the
> development cycle, or as part of software
> security audits in order to significantly improve application security.
> The
> session will describe the ins and outs of the technology, including its
> limitations and newly explored areas.  Real life examples from actual
> engagements will be used throughout.
>
>
>
> --------------------
> Justin Yu
> Account Associate
> Sterling Communications, Inc.  |  The Inside Agency
> San Francisco
> 415.992.3223
> www.sterlingpr.com
>
> "Dave Wichers" <dave.wichers at owasp.org> on Friday, April 6, 2007 at 5:24
> PM
> -0800 wrote:
> >Please do.
> >
> >-----Original Message-----
> >From: Justin Yu [mailto:jyu at sterlingpr.com <jyu at sterlingpr.com>]
> >Sent: Friday, April 06, 2007 11:58 AM
> >To: Dave Wichers
> >Subject: Re: Conference speaking opportunities
> >
> >Dave,
> >
> >I took a look at the OWASP Appsec Italy conference website, and tutorial
> 1
> >("Foundations of Web Application Security") would sound like a great fit
> for
> >Fortify Software, who establishes and maintains data security software
> from
> >the source code and
> >throughout the software development lifecycle.  I'd be more than happy to
>
> >forward you an abstract of our proposed presentation, if there are still
> >speaking slots available for this track.  Let me know, thanks Dave!
> >
> >Justin
> >
> >--------------------
> >Justin Yu
> >Account Associate
> >Sterling Communications, Inc.  |  The Inside Agency
> >San Francisco
> >415.992.3223
> > www.sterlingpr.com
> >
> >"Dave Wichers" <dave.wichers at owasp.org> on Wednesday, April 4, 2007 at
> 5:26
> >PM -0800 wrote:
> >>There are two panels on the agenda. Just take a look and if you have
> >someone
> >>interested in serving on either panel, please let me know.
> >>
> >>Thanks, Dave
> >>
> >>-----Original Message-----
> >>From: Justin Yu [mailto:jyu at sterlingpr.com <jyu at sterlingpr.com>]
> >>Sent: Wednesday, April 04, 2007 4:43 PM
> >>To: Dave Wichers
> >>Subject: Re: Conference speaking opportunities
> >>
> >>Dave,
> >>
> >>Thanks for your quick response.  I spoke with Cindi Rizzo, Fortify
> >>Software's Marketing Program Manager yesterday and she informed me that
> you
> >>two had a conversation awhile back regarding submitting a late paper for
> >the
> >>OWASP Milan conference.  Cindi
> >>also mentioned that you had a panel topic already in mind to recommend?
> >Let
> >>me know your thoughts on Fortify's participation and paper submissions
> and
> >>I'll move forward with that.
> >>
> >>Best,
> >>
> >>Justin Yu
> >>
> >>--------------------
> >>Justin Yu
> >>Account Associate
> >>Sterling Communications, Inc.  |  The Inside Agency
> >>San Francisco
> >>415.992.3223
> >> www.sterlingpr.com
> >>
> >>"Dave Wichers" <dave.wichers at owasp.org> on Tuesday, April 3, 2007 at
> 5:45
> >PM
> >>-0800 wrote:
> >>>I have a few slots left for Milan so if you are quick, you might be
> able
> >to
> >>>get in there. I don't have any specific deadlines defined for Mountview
>
> >yet
> >>>(only 1 conference at a time). If you have something you are interested
> in
> >>>submitting for either conference, feel free to submit.
> >>>
> >>>Thanks, Dave
> >>>
> >>>-----Original Message-----
> >>>From: Justin Yu [mailto:jyu at sterlingpr.com <jyu at sterlingpr.com> ]
> >>>Sent: Tuesday, April 03, 2007 2:05 PM
> >>>To: conferences at owasp.org
> >>>Subject: Conference speaking opportunities
> >>>
> >>>Hi there,
> >>>
> >>>I just had a quick question concerning speaking opportunities for both
> the
> >>>OWASP North America show in Mountain View, CA in October 2007 as well
> as
> >>the
> >>>conference in Italy in May.  Fortify Software is a sponsor for both of
> >>these
> >>>conferences and would
> >>>like to get more information about speaking requirements, deadlines
> >>>(specifically for the upcoming show in Mountain View, as no deadlines
> have
> >>>been posted on the website), submission guidelines, etc...please let me
> >>know
> >>>via phone or email as soon as
> >>>possible.  Thank you!
> >>>
> >>>Best regards,
> >>>
> >>>Justin Yu
> >>>
> >>>--------------------
> >>>Justin Yu
> >>>Account Associate
> >>>Sterling Communications, Inc.  |  The Inside Agency
> >>>San Francisco
> >>>415.992.3223
> >>> www.sterlingpr.com
> >>>
> >>>
> >>
> >>
> >>
> >
> >
> >
>
>
>
>


-- 
Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
http://www.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070418/5bdbc6ea/attachment-0002.html>


More information about the Owasp-board mailing list