[Owasp-ireland] OWASP Ireland News - July 11th 2010

Fabio Cerullo fcerullo at owasp.org
Sat Jul 10 23:41:06 EDT 2010

OWASP Ireland News
           July 11th, 2010

*1. OWASP Ireland 2010 Conference: Register Early to win an Ipod Touch!*

*2. OWASP Ireland August Event: Security Implications and Solutions
for Web Applications based on SOA*

*3. OWASP Ireland Jobs Board*


*1. OWASP Ireland 2010 Conference: Register Early to win an Ipod Touch!*

We are approaching fast to the biggest Application Security Conference
in Ireland.

And just to make it more exciting we are going to raffle TWO Ipod
Touch among those who register for the conference before our next
chapter meeting on 11th August (more details below).

So grab your ticket in the URL below and be in a chance to win one of
these great gadgets!


*2. OWASP Ireland August Event: Security Implications and Solutions
for Web Applications based on SOA*

**This is a reminder for the forthcoming OWASP Ireland chapter meeting
to be held on August 11th at 6:30pm-7:30pm (show up at venue between

As usual our location are the Ernst & Young offices in Dublin who
kindly agreed to host our event:

- Ernst & Young, Harcourt Street, Dublin 2, Opposite the Odeon Pub,
Dublin, Ireland

Google Map location here:


last time, we should have plenty of time to have a talk and a few
drinks afterwards.

If you are planning to attend you must RSVP at

Note, please enter your real name, as this will be given to Ernst &
Young building security.

If you don't RSVP, you may not be let into the building.

A certificate of participation will be provided to those attending the event.
== Talk == Title: Security Implications and Solutions for Web
Applications based on SOA
The main point of SOA (in this context) is combining systems and
applications to make new applications, or a big 'overall' application.

This higher inter-operability does (by default) lower security. For a
start, a request originating from a web user might end up at several
back end systems, which do not know who or what the request came from.

Each back end system might have no access to the customer data, have a
different security models, and serve serveral front end. Each of the
above systems could be under different ownership, thus the owners have
different concerns and priorities. Also, the basic solution at a
technical level include single sign on, or security as a service. This
can be costly, give limited coverage and have a performance hit. But
is pretty much the only way to do it. The other thing to do (probably
in tandem) is strict management, and delegation of authority.

== Presenters ==

John Marmelstein has about 13 years in IT. Most of this in distributed
systems and 'Middleware' integration software. Including BEA (now
owned by Oracle). Mainly working on Enterprise Java and more recently
on Microsoft BizTalk. Various industries, incuding financials, public
services, and a fish farm.ˇ

Further details and schedule for the night will be available on the
chapter page:


*3. OWASP Ireland Job Board*

We have decided to open a section in our newsletter to promote
application security jobs in Ireland.

If you are an employer and would like to advertise a job in this
section please send Fabio an e-mail.

These are some of the jobs currently available:

*Application Security Engineer - Amazon Data Services*

*Application Security Analyst - Realex Payments *

You could find more details about them here:


The professional association of OWASP Foundation Inc., is always free and
open to anyone interested in learning more about application security.
Prior to participating with OWASP please review the Chapter Rules and the
OWASP overview for some background. As a 501(3)c non-profit professional
association your support and sponsorship of a meeting venue and/or
refreshments is tax-deductible and all financial contributions can be made
online using the online chapter donation button. We encourage organization
and individual supporters of our ethics & principals to become a voting
MEMBER. More information on how to become a member could be found
here: http://www.owasp.org/Membership
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20100711/2167f4b7/attachment.html 

More information about the Owasp-ireland mailing list