[Owasp-ireland] OWASP Application Security Event - September 2010

Eoin eoin.keary at owasp.org
Mon Jul 26 07:47:50 EDT 2010


*Re: OWASP Ireland September 17th 2010*

Hello,
The agenda has been finalised for the OWASP Ireland event. We have the
pleasure to announce a number of key figures from industry which should
provide some unique insight into the latest trends, threats and
methodologies in the world of application security.
*http://www.owasp.org/index.php/OWASP_IRELAND_2010*<http://www.owasp.org/index.php/OWASP_IRELAND_2010>

*Keynotes*:

*John Viega: “Application Security in the Real World” - Considerations for
AppSec in non-security companies.*

John is Executive Vice President of Products and Engineering at Perimeter
E-Security. John has authored numerous books on security, including the
recent “Myths of Security”, and the seminal “Building Secure Software”,
which was the first book on application security.

http://www.owasp.org/index.php/John_Viega

*Professor Fred Piper "The changing face of cryptography" *

Fred Piper was appointed Professor of Mathematics at the University of
London in 1975 and has worked in information security since 1979. In 1985,
he formed a company, Codes & Ciphers Ltd, which offers consultancy advice in
all aspects of information security. He has acted as a consultant to over 80
companies including a number of financial institutions and major industrial
companies in the UK, Europe, Asia, Australia, South Africa and the USA. The
consultancy work has been varied and has included algorithm design and
analysis, work on EFTPOS and ATM networks, data systems, security audits,
risk analysis and the formulation of security policies. He has lectured
worldwide on information security, both academically and commercially, has
published more than 100 papers and is joint author of Cipher Systems (1982),
one of the first books to be published on the subject of protection of
communications, Secure Speech Communications (1985), Digital Signatures -
Security & Controls (1999) and Cryptography: A Very Short Introduction
(2002).

http://www.owasp.org/index.php/User:Professor_Fred_Piper

* *

*Damian Gordon Phd: “Hackers and Hollywood: The Implications of the Popular
Media Representation of Computer Hacking"*

Damian Gordon is a lecturer with the School of Computing at the Dublin
Institute of Technology and is Programme Co-ordinator for the School's
Masters in Computing (Assistive Technology). He was primary researcher on
two EU funded projects whose particular focus was looking at issues
associated with technoacceptance - the ILT and the E4 projects - and was
Educational Advisor for the Ireland-China EMERSION project. His research
interests include Differentiated Instruction, Computer Security,
Technostress, ICT and Special Needs, Virtual Learning Environments, Image
reconstruction from specular reflections, and Lateral Thinking Techniques.

http://www.owasp.org/index.php/User:Damian_Gordon
*We also have some great international and local speakers covering topics
from Smart phone application security to SDLC to Penetration testing
techniques:*

·         Dan Cornell ("Smart Phones with Dumb Apps")

·         Ryan Berg ("Path to a Secure Application")

·         Dr Marian Ventunaec ("Testing the Enterprise E-mail Security -
from Software to Cloud-based Services")

·         Fred Donovan and (“Counter Intelligence as Defense……”)

·         Nick Coblentz (“Microsoft's Security Development Lifecycle……”) but
to name a few



http://www.owasp.org/index.php/OWASP_IRELAND_2010#Agenda_and_Presentations_-_September_17



*Training*:

http://www.owasp.org/index.php/OWASP_IRELAND_2010#Training

Secure application development training shall also be held on the 16th (day
prior to the event):

*“Secure Application Development: Writing secure code (and testing it)”*

Testing shall be delivered by Eoin Keary, OWASP board member and “The OWASP
Code Review Guide” (
http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project) Lead &
Rahm Jina, Senior consultant with Ernst & Young.

This intensive one-day course focuses on the most common web application
security problems, including aspects of both the OWASP Top Ten (2010) and
the MITRE Top 25.  The course will introduce and demonstrate application
assessment techniques, illustrating how application vulnerabilities can be
exploited so students really understand how to avoid introducing such
vulnerabilities in their code, covering of the following areas:

Unvalidated Input

Injection Flaws

Cross-Site Scriping

CSRF

Authentication & Session Management

Access control & Authorisation

Broken Caching

Error Handling

Cryptography

Resource Management

Rich Internet Applications & Webservices

The Secure SDLC

-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20100726/0dc5e089/attachment.html 


More information about the Owasp-ireland mailing list