[Owasp-boston] OWASP Boston AppSec Conf topics

George Ehrhorn George.Ehrhorn at mathworks.com
Mon Jun 23 11:38:31 UTC 2014


A huge echo to this one:

Security test automation with OWASP ZAP and Zest scripting language

And follow the same line with


*         Security Unit testing with Selenium

*         Effective static code analysis tools

If someone would like a topic done on, "Conducting lightweight threat modeling" I just presented at ISACA NE about using the OCTAVE Allegro framework to do a risk assessment. I could make some minor modifications and highlight the threat modelling aspects. Slides are here<https://drive.google.com/file/d/0Bz9j_qHxxTNiN3lpeU1Oa2tBTFE/edit?usp=sharing>

-George

From: owasp-boston-bounces at lists.owasp.org [mailto:owasp-boston-bounces at lists.owasp.org] On Behalf Of Brian Cortez
Sent: Sunday, June 22, 2014 23:27
To: jim.weiler at owasp.org; mark.champine at gmail.com
Cc: owasp-boston at lists.owasp.org
Subject: Re: [Owasp-boston] OWASP Boston AppSec Conf topics

Personally, one of the biggest challenges in this industry it's training front line developers in security awareness. Then, making that knowledge embedded as part of their daily development mantra. I would love a conversation on thoughts, ideas, and/or successful use cases to make this possible.

(Sent from my Android phone)

Brian Cortez
Product Security Advisor
OSS US HE01

Ericsson
77 Sundial Ave Suites 301W & 317
Manchester, NH. 03103
603-263-6491



-----Original Message-----
From: Mark Champine [mark.champine at gmail.com]
Received: Saturday, 21 Jun 2014, 1:36AM
To: Jim Weiler [jim.weiler at owasp.org]
CC: owasp-boston at lists.owasp.org<mailto:owasp-boston at lists.owasp.org> [owasp-boston at lists.owasp.org]
Subject: Re: [Owasp-boston] OWASP Boston AppSec Conf topics
Some ideas:

Web security testing in a DevOps organization
Building web app security expertise in engineering teams
Conducting lightweight threat modeling
Vulnerability Management - Process & Tools
Developing your own web app security development standard
Security test automation with OWASP ZAP and Zest scripting language
Securing REST APIs
Authentication & Enterprise Web Applications (incl. Federation, 2 Factor Auth, SSO)
Open Source Identity Management
Open Source Static Analysis


On Fri, Jun 20, 2014 at 8:15 PM, Jim Weiler <jim.weiler at owasp.org<mailto:jim.weiler at owasp.org>> wrote:
Hi Folks,
The OWASP Boston Application Security Conference 2014 will be at the Microsoft office at 1 Cambridge Place (Not NERD as before) on Oct. 18.
What topics would you like to hear about? Please let me know if you have any suggestions. Below are some ones I came up with.
Mobile app security, forensics
Javascript servers, apps, frameworks
Security for NFC, Bluetooth LE apps
Google Glass app security
web app security trends

_______________________________________________
Owasp-boston mailing list
Owasp-boston at lists.owasp.org<mailto:Owasp-boston at lists.owasp.org>
https://lists.owasp.org/mailman/listinfo/owasp-boston

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20140623/e0304e01/attachment.html>


More information about the Owasp-boston mailing list