[ OWASP - Montreal ] July 24th - Web security for DevOps: the glory is in the headers
jonathan.marcil at owasp.org
Mon Jul 21 20:55:26 UTC 2014
Hi OWASP Montreal,
I'll be doing an online presentation for DevOps on security with HTTP
headers next Thursday at noon.
Tune in here:
or in Google+:
If you are around the old port you can come live on site, just contact
me to do so.
- Jonathan Marcil
OWASP Montreal Chapter Leader
jonathan.marcil at owasp.org
OWASP Montreal - July 24th - Web security for DevOps: the glory is in
MAIN PRESENTER: Jonathan Marcil
ABSTRACT: DevOps is a buzzword which can be easily demystified: in
essence it is a process which aims to combine the development and system
administration process into one; Operations. As developers become
responsible for server setup, security counter measures are evolving as
well. The line between server configuration and application behaviour
has been blurred. In this talk we will cover some HTTP headers in
regards to security such as CORS, CSP and HSTS. We will demonstrate
several forms of attack, and how they can (should) be countered.
BIO: Jonathan is devoted to security and specialized in Web application
security. His main occupation is consulting in Web security, but deep
down he is a developer with a agnostic vision of programming languages.
He has a diploma in Software Engineering from Ecole de Technologie
Superieure and more than 10 years of experience in Information
Technology and Security.
WHEN: At noon on July 24th 2014
WHERE: 75 Queen Street, office 3100, Montreal, QC H3C 2N6
REGISTRATION: You can join us on site for a pizza slice but this is
mainly an online event. Contact jonathan.marcil at owasp.org.
EVENT SPONSOR: Pheromone http://www.pheromone.ca/
12:00-12:10 Welcome and quick OWASP introduction
12:10-13:10 Main presentation - "Web security for DevOps: the glory is
in the headers" Jonathan Marcil
13:10-... Open discussion and questions
AppSecUSA will be in Denver, Colorado September 16-19 2014
AppSec USA is a world-class software security conference for developers,
auditors, risk managers, technologists, and entrepreneurs gathering with
the world’s top practitioners to share the latest research and
practices, in the high energy atmosphere of Downtown Denver.
WHY YOU SHOULD ATTEND?
Insightful keynote addresses delivered by leading industry visionaries
from thought leaders of critical infrastructure.
Over 50 sessions across 5 tracks (developer, tester, operations,
workshops, and legal) with world-renowned subject matter experts
An all-new Legal Track to address industry regulations, privacy laws,
liability, and more
A hands-all Workshop Track providing instruction on essential security
tools and skills
Thousands of attendees exclusively focused on Software Security
Extensive Capture the Flag competition developed exclusively for AppSec
Home-brewed beer competition open to all attendees
Convenience of Downtown Denver
WHO SHOULD ATTEND?
Developers, Security Auditors, Risk Managers, Executive Management,
Government, Press, Law Enforcement, Entrepreneurs
OWASP Montreal on Twitter And YouTube
More information about the Owasp-montreal