[Owasp-SFL] Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting - 2 Great talks and networking after

South Florida OWASP sfl.owasp at gmail.com
Tue May 20 12:03:23 UTC 2014

Wednesday, May 21, 2014 - 5:00pm - South Florida OWASP Meeting – 2 great
talks and networking after

Talk 1: Agile Security
Agile, DevOps, and the Security Practioner? I have worked in this business
for almost 15 years now. I left for a few years because of the misery of
the industry. Or so I thought? I really went to go find myself. When I came
back I found that I was a different person. What I learned about working
outside of Information Security is that we really have lost touch and have
stopped relating with our peers. I felt the schism very much so. Lets fix
that. This talk is about our Industry and about us. Its about Culture,
People over Tools, what we need to do to be successful, and how we need to
work together. Its about what the next 15 years will be for us and why its
important that we much adopt and change the way we are.

If you don’t understand the fight or flight moment we all face then we will
be replaced with those who do understand it. It’s not that we won’t be
subject matter experts, or that we are not some of the brightest minds in
our fields. The problem is we can’t get out of own way. In this mostly
visually impactful, entertaining talk, I present a way out. We must be
brave to embrace it. Most of all, we must start that education process now,
because we are already behind the eight ball.

This talk is built like a sermon, almost religious like, because make no
mistakes, The way to solve the problem is to start re-thinking who we are
and why we are here. The time is now.

BIO: Moses Hernandez
My name is Moses Hernandez. I’ve been in the Information Security
‘industry’ professionally since the late 90′s. Having worked in and around
the industry for as long as I have, you get to wear many hats and see many
things. From Network Engineering and Architecture and also getting involved
in Software, Applications, Development and other aspects of computer
science I have no business being in.

He has worked for SANS as a Instructor for their Penetration Testing
Courses as well as worked for at an Architect Capacity for many years. He
is currently employed with Cisco Systems. If you want to talk about the
intricacies of building scalable networks or get down in debugging software
we can have both conversations comfortably. But you know what really gets
me going? People, Companies, Software, and our community.

Talk 2: 3rd party application software controls
All businesses depend on software from third-party software providers and
commercial off-the-shelf software (COTS) vendors. Organizations can hope
the software from third parties is built securely, but hope isn’t a viable
security strategy. Recent breaches highlight that understanding risks
introduced by third party software can impact an organization’s
confidentiality, integrity and availability. However, a recent study by PWC
highlighted that only 20% of organizations consider the impact of 3rd party
risk in their security strategy. The FS-ISAC published controls for
addressing third party risks in your software. This presentation talks
through the 3 technical controls recommended and how you can benefit from
Bio: Rishi Pande

Facility Location:
Carl DeSantis Building, Main Davie Campus
Dean Conference Room 4030(4th Floor)
3301 College Ave Fort Lauderdale, FL 33314-7796
Phone: 800-541-NOVA (6682)

FREE CPE CREDITS! Did you know you earn 2 CPE credits for attending an
OWASP Meeting? It's true! Join us to feed your certs

Best regards,

Rohini Sulatycki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-florida/attachments/20140520/8af810f5/attachment.html>

More information about the Owasp-florida mailing list