[Owasp-sanantonio] Final reminder - OWASP San Antonio March Meeting - Web Application Remediation

Dan Cornell dan at denimgroup.com
Tue Mar 27 10:01:02 EDT 2007


All:

This is the final reminder about the OWASP San Antonio meeting on Wed
March 28th.  Hope to see folks there and please invite anyone you think
might be interested.  Details are below.

Thanks,

Dan


=============================

San Antonio OWASP Chapter: March 2007 Meeting
Topic: Web Application Remediation
Presenter: Dan Cornell
Date: March 28th, 11:30am - 1:00pm
Location:
San Antonio Technology Center (Web Room)
3463 Magic Drive
San Antonio, TX 78229
http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract:
What do you do when the dust settles after a web application assessment
or penetration test? You know you have applications with vulnerabilities
and you know your organization is exposed to risks. How do you go about
addressing these risks while still making progress on an already
aggressive development schedule? What issues need to be fixed and which
can be ignored until later?

This presentation will discuss strategies for organizations remediating
vulnerable web applications. It focuses on practical concerns for
planning and executing a successful remediation effort.
* Classifying risks and ranking the severity of web application
vulnerabilities using tools such as STRIDE and DREAD
* Making challenging tradeoff decisions about which vulnerabilities to
address and which risks to live with
* Planning and executing remediation tasks and integrating these with
existing project plans and timelines
* Integrating lessons learned from the assessment and remediation back
into your organization's SDLC

Presenter Bio:
Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy
providing software development and application security services. He has
extensive experience architecting and developing enterprise web
applications on a variety of platforms as well as training and mentoring
development teams on application security and secure coding techniques.
Dan is the creator and primary author of the sprajax open source AJAX
security assessment tool. He is an MCSD as well as a Java 2 Certified
Programmer.

Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.

Please RSVP: E-mail owasprsvp at denimgroup.com or call (210) 572-4400.

