[Owasp-sanantonio] Meeting on Tuesday, September 25
lmadrid at denimgroup.com
Sat Sep 22 18:07:56 UTC 2012
The next OWASP San Antonio chapter meeting will be on Tuesday, September 25 at 11:30 a.m. See below for details, and don't forget to RSVP at owasprsvp at denimgroup.com or 210-572-4400.
San Antonio OWASP Chapter:
Tuesday, September 25, 2012
Topic: Dev/Ops, Continuous Deployment and APIs, Oh My!
Presenter: Jarret Raim and Matt Tesauro
Date: Tuesday, September 25, 2012
Location: San Antonio Technology Center (Web Room on the first floor)
3463 Magic DriveSan Antonio, TX 78229http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+
Abstract: As the world of application development continues to change, the security community needs to change with it. With agile development, continuous deployment, the pace of change in IT has only increased. Add in Dev/Ops and the traditional security processes just don’t work. Even if testing windows exist, they are too short for the traditional scanning or manual testing programs. Then, there’s the lack of viable tools to test API’s. What’s a security professional in charge of rolling out an SDLC supposed to do? This talk will cover methods of adapting traditional security practices into a test driven development (TDD) for security and provide practical advice on how to handle short development and promotion cycles with few or no testing windows. A demonstration of a new testing tool will also be part of the presentation.
Presenter Bios: Jarret Raim is the Security Product Manager at Rackspace Hosting. Since joining Rackspace, he has built a software assurance program for Rackspace’s internal software teams as well as defined strategy for building secure systems on Rackspace’s OpenStack Cloud implementation. Through his experience at Rackspace, and as a consultant at Denim Group, Jarret has assessed and remediated applications in all industries and has experience width a wide variety of both development environments and the tools used to audit them. Jarret has recently taken charge of Rackspace's efforts to secure the Cloud through new product development, training and research. Jarret holds an M.S. in Computer Science from Lehigh University and a B.S. in Computer Science from Trinity University.
Matt Tesauro has been involved in the Information Technology industry for more than 10 years. Matt's focus has been in application security including testing, code reviews, design reviews and training. His background in web application development and system administration helped bring a holistic focus to Secure SDLC efforts he's driven. Matt is currently on the board of the OWASP Foundation and highly involved in many OWASP projects and committees. Matt is the project leader of the OWASP WTE (Web Testing Environment) which is the source of the OWASP Live CD Project and Virtual Machines pre-configured with tools and documentation for testing web applications. He has taught both graduate level university courses and for large financial institutions. Matt has presented and provided training a various industry events including DHS Software Assurance Workshop, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil. Matt Tesauro has a B.S. in Economics and a M.S in Management Information Systems from Texas A&M University. He is also has the CISSP, CEH (Certified Ethical Hacker), RHCE (Red Hat Certified Engineer), and Linux+ certifications.
Lunch will be provided.
Please RSVP: E-mail owasprsvp at denimgroup.com or call (210) 572-4400
More information about the Owasp-sanantonio