[Owasp-SFL] Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting
rohini_sulatycki at yahoo.com
Thu Apr 17 12:57:09 UTC 2014
Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting – 2 great talks and networking after
Talk 1: Agile Security
Agile, DevOps, and the Security Practioner? I have worked in this business for almost 15 years now. I left for a few years because of the misery of the industry. Or so I thought? I really went to go find myself. When I came back I found that I was a different person. What I learned about working outside of Information Security is that we really have lost touch and have stopped relating with our peers. I felt the schism very much so. Lets fix that. This talk is about our Industry and about us. Its about Culture, People over Tools, what we need to do to be successful, and how we need to work together. Its about
what the next 15 years will be for us and why its important that we much adopt and change the way we are.
If you don’t understand the fight or flight moment we all face then we will be replaced with those who do understand it. It’s not that we won’t be subject matter experts, or that we are not some of the brightest minds in our fields. The problem is we can’t get out of own way. In this mostly visually impactful, entertaining talk, I present a way out. We must be brave to embrace it. Most of all, we must start that education process now, because we are already behind the eight ball.
This talk is built like a sermon, almost religious like, because make no mistakes, The way to solve the problem is to start re-thinking who we are and why we are here. The time is now.
BIO: Moses Hernandez
My name is Moses Hernandez. I’ve been in the Information Security ‘industry’
professionally since the late 90′s. Having worked in and around the industry for as long as I have, you get to wear many hats and see many things. From Network Engineering and Architecture and also getting involved in Software, Applications, Development and other aspects of computer science I have no business being in.
He has worked for SANS as a Instructor for their Penetration Testing Courses as well as worked for at an Architect Capacity for many years. He is currently employed with Cisco Systems. If you want to talk about the intricacies of building scalable networks or get down in debugging software we can have both conversations comfortably. But you know what really gets me going? People, Companies, Software, and our community.
Talk 2: 3rd party application software controls
All businesses depend on software from third-party software providers and commercial off-the-shelf software
(COTS) vendors. Organizations can hope the software from third parties is built securely, but hope isn’t a viable security strategy. Recent breaches highlight that understanding risks introduced by third party software can impact an organization’s confidentiality, integrity and availability. However, a recent study by PWC highlighted that only 20% of organizations consider the impact of 3rd party risk in their security strategy. The FS-ISAC published controls for addressing third party risks in your software. This presentation talks through the 3 technical controls recommended and how you can benefit from them.
Bio: Rishi Pande
NOVA SOUTHEASTERN UNIVERSITY
DeSantis Building, Main Davie Campus
Dean Conference Room 4030(4th Floor)
3301 College Ave Fort Lauderdale, FL 33314-7796
Phone: 800-541-NOVA (6682)
FREE CPE CREDITS! Did you know you earn 2 CPE credits for attending an OWASP Meeting? It's true! Join us to feed your certs
Rohini Sulatycki | Senior Security Consultant
OWASP South Florida Chapter co-chair
email: rohini_sulatycki at yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-florida