[Owasp-ireland] Secure application development workshop

Roberto Martelloni rmartelloni at gmail.com
Wed Jun 24 11:11:11 UTC 2015


Hello Eoin,

I know you can't accommodate all requests but as you are asking for
feedbacks .. here I'am :P

If there will be an its own class focused only on SDLC/CI/AGILE it would be
nice.

In alternative could you have a little break between: XSS, CSRL ... HTTP
HEADERS and SDLC/CI/AGILE  ?
I would like to attend the last part but not the first part.

Do you also have an idea about the 'when' ?

Many Thanks,

R.





On Wed, Jun 24, 2015 at 11:14 AM, Eoin Keary <eoin.keary at owasp.org> wrote:

> Hi,
> I'm afraid we can't do everything in 3-4 hours. We can cover off a piece
> on CI / agile SAST and sprint-based security if that works? I'd like to
> cover off
> XSS
> CSRF
> SQLI
> CRYPTO
> CLICKJACKING
> HTTP HEADERS
> SDLC/CI/AGILE
>
>
>
> Eoin Keary
> OWASP Volunteer
> @eoinkeary
>
>
>
> On 24 Jun 2015, at 11:56, McCavana, Leo <Leo.McCavana at allstate.com> wrote:
>
>  Hello All,
>
>
>
> Apologies for the broad, sweeping question, but will the class provide
> coverage as to how secure coding can be facilitated in an Agile environment
> as opposed to a traditional waterfall environment …. e.g. expressing secure
> requirements in ‘stories’ or doing an initial ‘security sprint’?  Maybe
> that’s a whole class on its own!
>
>
>
> Thanks,
>
>
>
> Leo
>
>
>
> *From:* owasp-ireland-bounces at lists.owasp.org [
> mailto:owasp-ireland-bounces at lists.owasp.org
> <owasp-ireland-bounces at lists.owasp.org>] *On Behalf Of *Eoin Keary
> *Sent:* Friday, June 19, 2015 6:28 PM
> *To:* Roberto Martelloni
> *Cc:* owasp-ireland at lists.owasp.org; Paul Canavan
> *Subject:* Re: [Owasp-ireland] Secure application development workshop
>
>
>
> Working on it.
>
> Appsec 101
>
> Csrf
>
> Xss
>
> Sqli
>
> Nodejs
>
> Http sec
>
> Crypto
>
>
>
> Eoin Keary
>
> BCC Risk Advisory - edgescan CTO
>
> Gartner "notable vendor" MSSP MQ
>
>
>
>
>
>
> On 19 Jun 2015, at 09:58, Roberto Martelloni <rmartelloni at gmail.com>
> wrote:
>
>   Hi Eoin,
>
>
>
> Is there, even if only preliminary, an agenda of the workshop ?
>
>
>
> Many Thanks,
>
> R.
>
>
>
> On Thu, Jun 18, 2015 at 7:03 PM, Eoin Keary <eoin.keary at owasp.org> wrote:
>
> Hi Paul,
>
> I believe we shall have 40-60 people attending.
>
> See you there.
>
> Eoin Keary
>
> BCC Risk Advisory - edgescan CTO
>
> Gartner "notable vendor" MSSP MQ
>
>
>
>
>
>
> On 18 Jun 2015, at 15:18, Paul Canavan <pcanavan at gmail.com> wrote:
>
>    Hi Eoin,
>
> Myself and several others in my company would be interested and happy to
> pay the 50 euro membership.
>
> How many would you need in order to run it?
>
> Cheers,
>
> Paul.
>
>
>
> On 17 June 2015 at 13:00, <owasp-ireland-request at lists.owasp.org> wrote:
>
> Send Owasp-ireland mailing list submissions to
>         owasp-ireland at lists.owasp.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.owasp.org/mailman/listinfo/owasp-ireland
> or, via email, send a message with subject or body 'help' to
>         owasp-ireland-request at lists.owasp.org
>
> You can reach the person managing the list at
>         owasp-ireland-owner at lists.owasp.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Owasp-ireland digest..."
>
>
> Today's Topics:
>
>    1. Secure application development workshop (Eoin Keary)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 16 Jun 2015 22:45:55 +0100
> From: Eoin Keary <eoin.keary at owasp.org>
> To: "owasp-ireland at lists.owasp.org" <owasp-ireland at lists.owasp.org>
> Cc: Rahim Jina <rahim at bccriskadvisory.com>
> Subject: [Owasp-ireland] Secure application development workshop
> Message-ID: <A17924AB-1D00-44CB-975A-05208396C3A5 at owasp.org>
> Content-Type: text/plain; charset="utf-8"
>
> Hello Chapter,
>
> I was considering delivering a free half day secure application
> development workshop in July.
>
> This would be open to all OWASP members and non members can join OWASP
> (?50) to attend also.
>
> The class would be similar to the class I've previously delivered with Jim
> Manico (@manicode) at RSA USA, RSA EU, AppsecEu etc.
>
> It is suitable for development types who would like a grounding in secure
> Dev and also pentesters who need a refresher.
> So send your devs to the class!
>
> Beer and pizza shall also be provided by sponsors / chapter funds if
> possible.
>
> Any takers?
>
>
>
>
> Eoin Keary
> BCC Risk Advisory - edgescan CTO
> Gartner "notable vendor" MSSP MQ
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.owasp.org/pipermail/owasp-ireland/attachments/20150616/73ba8bf0/attachment-0001.html
> >
>
> ------------------------------
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
> End of Owasp-ireland Digest, Vol 100, Issue 6
> *********************************************
>
>
>
>  _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
>
>
>
> --
>
> Roberto Martelloni
> boos @ http://boos.core-dumped.info
>
>


-- 
Roberto Martelloni
boos @ http://boos.core-dumped.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ireland/attachments/20150624/a552daeb/attachment-0001.html>


More information about the Owasp-ireland mailing list