[Owasp-southafrica] OWASP NY

OWASP - South Africa owasp-southafrica at lists.owasp.org
Thu Aug 14 03:07:47 EDT 2008

Thanks Lindsay,

My talk is based on the past 4 years worth of active research and  
testing on financial banking applications. Whilst security testing of  
banking applications isn't new, there are a handful of issues that  
need to be looked at, that are drastically different from your  
standard web applications.

We have found that many security consultancies do not understand the  
applications they are testing and therefore pass insecure applications  
as secure and ready to make the move from UAT into production,  
increasing the risk for the bank.

This talk will hopefully give testers, and indeed anyone involved  
within the SDLC, the right information to determine if a banking  
application is fit for purpose.

Obviously I will be in NYC, so more than happy to have a drink with  
anyone who is flying out.


On 14 Aug 2008, at 8:54 AM, OWASP - South Africa wrote:

> Hi everyone,
> With the OWASP New York conference fast approaching, was wondering  
> if any of our local chapter members will be attending.
> I see according to the schedule, Daniel Cuthbert will be doing a  
> presentation entitled:   OWASP Testing Guide - Offensive Assessing  
> Financial Applications.
> http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference
> For those like myself working in the financial sector, am hoping  
> Daniel who is part of this mailing list wouldn’t mind giving a bit  
> more insight into the topic discussion, and with any luck, consider  
> presenting to the rest of us unfortunate plebs that simply cant’ get  
> away from work to make it to NY.
> I’d also like to introduce a new member of the local OWASP Chapter,  
> Wimpie du Plessis, whom will be assisting me with the running of the  
> chapter and organising of events.
> Wimpie du Plessis has over 10 years experience in the Information  
> Security Sector ranging from government agencies, ISP’s to large  
> corporations.
> Welcome Wimpie!
> Lindsay van Eden
> GRCB Information Security
> Barclays PLC – ZA Regional Data Centre
> Direct:  +27 11 772 7172
> mailto:  Lindsay.vaneden at absa.co.za
> mailto:  Lindsay.vaneden at barclays.com
> mailto:  GRCBZARegionalDataCentreInformationSecurity at Barclays.com
> OWASP South Africa
> https://www.owasp.org/index.php/South_Africa
> ___________________________________________________________
> Important Notice:
> Absa is an Authorised Financial Services Provider and Registered  
> Credit Provider,
> registration number: NCRCP7.
> This e-mail and any files transmitted with it are confidential and  
> intended for the use of
> the individual or entity to whom they are addressed.
> Please note that there are terms and conditions and some important  
> restrictions,
> qualifications and disclaimers ("the Disclaimer") that apply to this  
> email. To read this
> click on the following address or copy into your Internet browser:
> http://www.absa.co.za/disclaimer
> The Disclaimer forms part of the content of this email in terms of
> section 11 of the Electronic Communications and Transactions
> Act, 25 of 2002.
> If you are unable to access the Disclaimer, send a blank e-mail
> to disclaimer at absa.co.za and we will send you a copy of the
> Disclaimer.
> _______________________________________________
> Owasp-southafrica mailing list
> Owasp-southafrica at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-southafrica

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-southafrica/attachments/20080814/dd564943/attachment.html 

More information about the Owasp-southafrica mailing list