[Owasp-boston] OWASP meeting 5/26 MS Waltham

Weiler, Jim Jim.Weiler at starwoodhotels.com
Fri May 20 16:25:14 EDT 2011

The speaker for our original May chapter meeting changed plans, so we
will not have our regular meeting. However, our second meeting on
Thursday 5/26 this month at Microsoft Waltham, 6:30,  will continue as
planned.     If anyone would like to be a pizza sponsor, let Jim Weiler


There will be 2 presentations


Topic - OWASP Top 10 issue #4 - Insecure Direct Object Reference 

Presenter - Jim Weiler, Sr. Mgr. Information Security, Starwood Hotels
and President of OWASP Boston 

Jim Weiler will discuss threat models, risks and various remediations of
issue #4 in the 2010 OWASP Top 10 - Insecure Direct Object References. 

Topic - A Web-Application Architecture for Regulatory Compliant Cloud

Presenter - Arshad Noor, StrongAuth 

The emergence of cloud-computing as an alternative deployment strategy
for IT systems presents many opportunities, yet challenges traditional
notions of data-security. The fact that data-security regulations are
developing teeth, leaves information technology professionals perplexed
on how to take advantage of cloud-computing while proving compliance to
regulations for protecting sensitive information. 

This presentation presents an architecture for building the next
generation of web-applications. This architecture allows you to leverage
emerging technologies such as cloud-computing, cloud-storage and
enterprise key-management (EKM) to derive benefits such as lower costs,
faster time-to-market and immense scalability with smaller investments -
while proving compliance to PCI-DSS, HIPAA/HITECH and similar
data-security regulations. 

Presenter Bio 

Arshad Noor is the CTO of StrongAuth, Inc, a Silicon Vally-based company
that specializes in enterprise key management. He is the designer and
lead-developer of StrongKey, the industry's first open-source Symmetric
Key Management System, and the KeyAppliance - the industry's first
appliance combining encryption, tokenization, key-management and a
cryptographic hardware module at an unprecedented value. He has written
many papers and spoken at many forums on the subject of encryption and
key-management over the years. 


Jim Weiler   CISSP  CSSLP  GSSP-Java

Starwood Hotels and Resorts

Sr. Mgr. Information Security Risk Assessment

Office - 781 356 0067

Cell - 781 654 6048


This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged. 
The information is intended only for the use of the individual(s) or entity named above.  If you are not the intended recipient, be 
aware that any disclosure, copying or distribution or use of the contents of this information is prohibited.  If you have received 
this electronic transmission in error, please notify the sender immediately by replying to the address listed in the "From:" field. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-boston/attachments/20110520/11536eb6/attachment.html 

More information about the Owasp-boston mailing list