[Owasp-twincities] OWASP MSP February Meeting

Alex Bauert alex.bauert at owasp.org
Fri Feb 1 15:43:37 UTC 2013


*OWASP MSP <http://www.owasp.org/index.php/Minneapolis_St_Paul>  Presents*

*Tony UV*

* *

 Web Application Cooking with PASTA  - Process for Attack Simulation and
Threat Assessment
*Date:* Monday, February 11, 2013

Register Here <http://www.eventbrite.com/event/5330523740#>

*Agenda:*

*5:30 PM *Room opens for networking

*6:15 PM* Welcome: OWASP chapter update

*6:30 PM* *Tony Uceda-Velez*

*7:45 PM* Wrap-up

*Thank You Cargill *for sponsoring our meeting location



Talk Title:  Web Application Cooking w/ PASTA - Process for Attack
Simulation and Threat Assessment
The attack landscape has changed and is too dynamic to apply one
dimensional strategies. Mitigation begins with planning and threat modeling
is a great and integrated way to enhance greater governance around security
via an integrated risk methodology such as PASTA, a risk centric or asset
centric threat modeling methodology.  Beyond simply attack enumeration and
countermeasure development planning, PASTA allows for threat modelers to
integrate security to a multitude of fractured security disciplines.
Today's shifting attack landscape requires planning as to who your
attackers are, what are they after, and why are they attacking you. The
methodology of PASTA will be covered and applied to web application
technologies for this discussion.





Bio
Tony UcedaVelez, CRISC, CISM, CISA, GIAC has more than 14 years of hands-on
security and technology experience across government, healthcare,
financial, education, and utility sectors. Tony founded VerSprite with the
premise of redefining security services to a point that it reflects a
hybrid and balanced approach in understanding client needs. Tony has
consulted for numerous Fortune 500 organizations as well as large
government entities within the areas of application security, security risk
management, network security, and governance. Before VerSprite, Tony was
the Sr. Director of Policy and Risk Management for a major Fortune 50
information service bureau. Tony's background in IT operations and software
development, coupled with security operations, allows him to lead VerSprite
with the mission of providing tailored, strategic solutions to its client
base. Tony is a frequent speaker/ writer at ISACA, OWASP, and other
information security forums around the world and is currently managing the
Atlanta OWASP Chapter. He is also currently co-writing a book on
application threat modeling via Wiley Life Sciences and has co-developed a
patent pending methodology for risk based threat models. Tony is a graduate
from Cornell University.
*You must be registered for the event to attend.  Register
Here<http://www.eventbrite.com/event/5330523740#>





Please contact Alex at alex.bauert at owasp.org <lorna.alamri at owasp.org> or
651-587-4572 <http://www.eventbrite.com/event/5330523740#> if you would
like to sponsor a meeting or meeting location for an upcoming OWASP MSP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-twincities/attachments/20130201/17a1dcf5/attachment.html>


More information about the Owasp-twincities mailing list