[Owasp-denver] Reminder: Denver OWASP Tomorrow (Wed) @6PM
eduprey at owasp.org
Tue May 19 15:00:26 EDT 2009
This is a reminder that the Denver OWASP meeting is tomorrow evening
(Wednesday 5/20) at Raytheon Polar Services, at 6:00 PM.
7400 S. Tucson Way, Centennial CO 80112
More information is available at:
If you have not accepted the previous calendar invite and need to RSVP,
please send email to eduprey at owasp.org to help us in planning for the
proper amount of food and beverage. :)
The May meeting of the Denver OWASP chapter is on the topic of compliance,
communicating risk, and justifying spending on an application security
program. Given the current economy (heightened risk and an often-limited
security budget), these issues are increasingly vital.
Date: 5/20/2009 @ 6:00 PM Mountain Time
Title: Compliance while under siege: justifying security spending for the
holes in your defenses.
Presenters: Dr. Joseph McComb, CISSP, CISA, G7799, CHSS and Daniel Weiske,
CISSP, CISA, CAP, NSA-IAM
Synopsis: This presentation will show how to integrate a compliance
framework into application security testing to produce an effective
mechanism for presenting risk. Regulations, including security breach
notification legislation, HIPAA, FISMA and other regulations, specify
penalties for failing to safeguard specific types of information. This
presentation will demonstrate how to weave regulatory frameworks into the
application testing process and how to quantify risk based upon penalties
and ease of exploitation. Using real-world examples, the presenters will
show how this methodology can be used to justify security testing as a
necessary expenditure for a secure environment.
More information is at http://www.owasp.org/index.php/Denver