[Owasp-scotland] Reminder - OWASP Application Security Event - September 2010

Justin Clarke justin.clarke at owasp.org
Tue Aug 10 10:55:57 EDT 2010

Re: OWASP Ireland September 17th 2010


The agenda has been finalised for the OWASP Ireland event. We have the pleasure of announcing a number of key figures from industry who should provide some unique insight into the latest trends, threats and methodologies in the world of application security.

John Viega: “Application Security in the Real World” - Considerations for AppSec in non-security companies.

John is Executive Vice President of Products and Engineering at Perimeter E-Security. John has authored numerous books on security, including the recent “Myths of Security”, and the seminal “Building Secure Software”, which was the first book on application security.


Professor Fred Piper: "The changing face of cryptography"

Fred Piper was appointed Professor of Mathematics at the University of London in 1975 and has worked in information security since 1979. In 1985, he formed a company, Codes & Ciphers Ltd, which offers consultancy advice in all aspects of information security. He has acted as a consultant to over 80 companies including a number of financial institutions and major industrial companies in the UK, Europe, Asia, Australia, South Africa and the USA. The consultancy work has been varied and has included algorithm design and analysis, work on EFTPOS and ATM networks, data systems, security audits, risk analysis and the formulation of security policies. He has lectured worldwide on information security, both academically and commercially, has published more than 100 papers and is joint author of Cipher Systems (1982), one of the first books to be published on the subject of protection of communications, Secure Speech Communications (1985), Digital Signatures - Security & Controls (1999) and Cryptography: A Very Short Introduction (2002).



Damian Gordon PhD: “Hackers and Hollywood: The Implications of the Popular Media Representation of Computer Hacking”

Damian Gordon is a lecturer with the School of Computing at the Dublin Institute of Technology and is Programme Co-ordinator for the School's Masters in Computing (Assistive Technology). He was primary researcher on two EU funded projects whose particular focus was looking at issues associated with technoacceptance - the ILT and the E4 projects - and was Educational Advisor for the Ireland-China EMERSION project. His research interests include Differentiated Instruction, Computer Security, Technostress, ICT and Special Needs, Virtual Learning Environments, Image reconstruction from specular reflections, and Lateral Thinking Techniques.


We also have some great international and local speakers covering topics from Smart phone application security to SDLC to Penetration testing techniques:
· Dan Cornell ("Smart Phones with Dumb Apps")
· Ryan Berg ("Path to a Secure Application")
· Dr Marian Ventunaec ("Testing the Enterprise E-mail Security - from Software to Cloud-based Services")
· Fred Donovan and (“Counter Intelligence as Defense……”)
· Nick Coblentz (“Microsoft's Security Development Lifecycle……”) but to name a few



Secure application development training shall also be held on the 16th (day prior to the event):

“Secure Application Development: Writing secure code (and testing it)”

Testing shall be delivered by Eoin Keary, OWASP board member and “The OWASP Code Review Guide” (http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project) Lead & Rahm Jina, Senior consultant with Ernst & Young.

This intensive one-day course focuses on the most common web application security problems, including aspects of both the OWASP Top Ten (2010) and the MITRE Top 25. The course will introduce and demonstrate application assessment techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities in their code, covering the following areas:

Unvalidated Input
Injection Flaws
Cross-Site Scripting
Authentication & Session Management
Access control & Authorisation
Broken Caching
Error Handling
Resource Management
Rich Internet Applications & Webservices
The Secure SDLC

Justin Clarke
OWASP London Chapter Leader
OWASP Global Connections Committee