[Owasp-SFL] Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting – 2 great talks and networking after

Sulatycki Rohini rohini_sulatycki at yahoo.com
Wed Apr 23 15:48:33 UTC 2014

Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting – 2 great talks and networking after

Talk 1: Agile Security
 DevOps, and the Security Practioner? I have worked in this business for
 almost 15 years now. I left for a few years because of the misery of 
the industry. Or so I thought? I really went to go find myself. When I 
came back I found that I was a different person. What I learned about 
working outside of Information Security is that we really have lost 
touch and have stopped relating with our peers. I felt the schism very 
much so. Lets fix that. This talk is about our Industry and about us. 
Its about Culture, People over Tools, what we need to do to be 
successful, and how we need to work together. Its about
 what the next 15 years will be for us and why its important that we 
much adopt and change the way we are.

If you don’t understand the
 fight or flight moment we all face then we will be replaced with those 
who do understand it. It’s not that we won’t be subject matter experts, 
or that we are not some of the brightest minds in our fields. The 
problem is we can’t get out of own way. In this mostly visually 
impactful, entertaining talk, I present a way out. We must be brave to 
embrace it. Most of all, we must start that education process now, 
because we are already behind the eight ball.

This talk is built 
like a sermon, almost religious like, because make no mistakes, The way 
to solve the problem is to start re-thinking who we are and why we are 
here. The time is now. 

BIO: Moses Hernandez
 name is Moses Hernandez. I’ve been in the Information Security 
 professionally since the late 90′s. Having worked in and around the 
industry for as long as I have, you get to wear many hats and see many 
things. >From Network Engineering and Architecture and also getting 
involved in Software, Applications, Development and other aspects of 
computer science I have no business being in.

He has worked for 
SANS as a Instructor for their Penetration Testing Courses as well as 
worked for at an Architect Capacity for many years. He is currently 
employed with Cisco Systems. If you want to talk about the intricacies 
of building scalable networks or get down in debugging software we can 
have both conversations comfortably. But you know what really gets me 
going? People, Companies, Software, and our community.

Talk 2: 3rd party application software controls
 businesses depend on software from third-party software providers and 
commercial off-the-shelf software
 (COTS) vendors. Organizations can hope the software from third parties 
is built securely, but hope isn’t a viable security strategy. Recent 
breaches highlight that understanding risks introduced by third party 
software can impact an organization’s confidentiality, integrity and 
availability. However, a recent study by PWC highlighted that only 20% 
of organizations consider the impact of 3rd party risk in their security
 strategy. The FS-ISAC published controls for addressing third party 
risks in your software. This presentation talks through the 3 technical 
controls recommended and how you can benefit from them.

Bio: Rishi Pande

Facility Location:
 DeSantis Building, Main Davie Campus 
Dean Conference Room 4030(4th Floor) 
3301 College Ave Fort Lauderdale, FL 33314-7796
Phone: 800-541-NOVA (6682)
FREE CPE CREDITS! Did you know you earn 2 CPE credits for attending an OWASP Meeting? It's true! Join us to feed your certs
Best regards,

Rohini Sulatycki | Senior Security Consultant
OWASP South Florida Chapter co-chair
email: rohini_sulatycki at yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-florida/attachments/20140423/3a98dbbc/attachment.html>

More information about the Owasp-florida mailing list