[ OWASP - Montreal ] July 24th - Web security for DevOps: the glory is in the headers

Jonathan Marcil jonathan.marcil at owasp.org
Mon Jul 21 20:55:26 UTC 2014

Hi OWASP Montreal,

I'll be doing an online presentation for DevOps on security with HTTP
headers next Thursday at noon.

Tune in here:
or in Google+:

If you are around the old port you can come live on site, just contact
me to do so.


 - Jonathan Marcil
   OWASP Montreal Chapter Leader
   jonathan.marcil at owasp.org

OWASP Montreal - July 24th - Web security for DevOps: the glory is in
the headers

MAIN PRESENTER: Jonathan Marcil

ABSTRACT: DevOps is a buzzword which can be easily demystified: in
essence it is a process which aims to combine the development and system
administration process into one; Operations. As developers become
responsible for server setup, security counter measures are evolving as
well. The line between server configuration and application behaviour
has been blurred. In this talk we will cover some HTTP headers in
regards to security such as CORS, CSP and HSTS. We will demonstrate
several forms of attack, and how they can (should) be countered.

BIO: Jonathan is devoted to security and specialized in Web application
security. His main occupation is consulting in Web security, but deep
down he is a developer with a agnostic vision of programming languages.
He has a diploma in Software Engineering from Ecole de Technologie
Superieure and more than 10 years of experience in Information
Technology and Security.

WHEN: At noon on July 24th 2014

WHERE: 75 Queen Street, office 3100, Montreal, QC H3C 2N6
REGISTRATION: You can join us on site for a pizza slice but this is
mainly an online event. Contact jonathan.marcil at owasp.org.

WEBCAST: http://www.youtube.com/watch?v=6bp1NCLT-YQ

EVENT SPONSOR: Pheromone http://www.pheromone.ca/

 12:00-12:10 Welcome and quick OWASP introduction
 12:10-13:10 Main presentation - "Web security for DevOps: the glory is
in the headers" Jonathan Marcil
 13:10-... Open discussion and questions



Other news


AppSecUSA will be in Denver, Colorado September 16-19 2014


AppSec USA is a world-class software security conference for developers,
auditors, risk managers, technologists, and entrepreneurs gathering with
the world’s top practitioners to share the latest research and
practices, in the high energy atmosphere of Downtown Denver.


Insightful keynote addresses delivered by leading industry visionaries
from thought leaders of critical infrastructure.
Over 50 sessions across 5 tracks (developer, tester, operations,
workshops, and legal) with world-renowned subject matter experts
An all-new Legal Track to address industry regulations, privacy laws,
liability, and more
A hands-all Workshop Track providing instruction on essential security
tools and skills
Thousands of attendees exclusively focused on Software Security
Extensive Capture the Flag competition developed exclusively for AppSec
USA 2014
Home-brewed beer competition open to all attendees
Convenience of Downtown Denver

Developers, Security Auditors, Risk Managers, Executive Management,
Government, Press, Law Enforcement, Entrepreneurs


OWASP Montreal on Twitter And YouTube

Follow us!


More information about the Owasp-montreal mailing list