[Owasp-portland] What are you more interested in learning about?

Timothy D. Morgan tmorgan-owasp at vsecurity.com
Wed May 12 11:43:43 EDT 2010

Hey Mike,

> Well heck, if the bar is so low I'll throw my hat in the ring. I get
> fired up about:
> - threat modeling
> - Chicken Little syndrome
> - authentication
> - *useful* distinctions in crypto-land
> - the overuse of firewalls, IDS and NAT

We definitely don't want to give the impression that speakers need to
come up with conference-level talks or training to get a discussion
going in our meetings.  If it's something you're fired up about,
you're halfway there.  Persuasive talks are great for getting people
thinking about issues.

As for your list above, I'd personally be most interested in
authentication and to find out what you mean by "*useful* distinctions
in crypto-land".  

> I'm sure no one here's ever heard of me, so a little intro is in
> order: I've done security consulting as a blue badge for both
> Microsoft and Intel (my current employer), and while I started out my
> career as an infrastructure security guy, I'm pretty heavily into the
> design side of SDL now.  I've got plenty of opinions (and a few of 'em
> may be worthwhile), and I monkey around with a few .NET code projects
> on Codeplex.
> Happy to help get some momentum going, especially if there are a few
> willing zealots in the room to banter back & forth on a hot button
> issue with me.
> Oh, and BTW I'm Canadian (and insufferably vocal about it).

Nice to meet you.  I'm sure you'll find a zealot or two to banter with
in our group.  At a minimum, there's me. ;-)

Let us know if/when you'd be interested in giving a talk and what your
first topic would be.


More information about the Owasp-portland mailing list