https://wiki.owasp.org/index.php?action=history&feed=atom&title=Denver_May_2009_meeting
Denver May 2009 meeting - Revision history
2026-04-25T07:42:15Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Denver_May_2009_meeting&diff=65940&oldid=prev
Dc at 21:10, 14 July 2009
2009-07-14T21:10:25Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 21:10, 14 July 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l6" >Line 6:</td>
<td colspan="2" class="diff-lineno">Line 6:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Title:  Compliance while under siege: justifying security spending for the holes in your defenses.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Title:  Compliance while under siege: justifying security spending for the holes in your defenses.</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[http://www.owasp.org/images/0/0d/Compliance_while_under_siege_-_OWASP_05-20-09.ppt Slide Deck]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Synopsis:  This presentation will show how to integrate a compliance framework into application security testing to produce an effective mechanism for presenting risk. Regulations, including security breach notification legislation, HIPAA, FISMA and other regulations specify penalties for failing to safeguard specific types of information. This presentation will demonstrate how to weave regulatory frameworks into the application testing process and how to quantify risk based upon penalties and ease of exploitation.  Using real world examples, the presenters will show how this methodology can be used to justify security testing as a necessary expenditure for a secure environment.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Synopsis:  This presentation will show how to integrate a compliance framework into application security testing to produce an effective mechanism for presenting risk. Regulations, including security breach notification legislation, HIPAA, FISMA and other regulations specify penalties for failing to safeguard specific types of information. This presentation will demonstrate how to weave regulatory frameworks into the application testing process and how to quantify risk based upon penalties and ease of exploitation.  Using real world examples, the presenters will show how this methodology can be used to justify security testing as a necessary expenditure for a secure environment.</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l13" >Line 13:</td>
<td colspan="2" class="diff-lineno">Line 15:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* 6:30pm: Introduction and Chapter business</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* 6:30pm: Introduction and Chapter business</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* 6:45pm --> 8pm: Presentation</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* 6:45pm --> 8pm: Presentation</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[https://www.owasp.org/index.php/Denver Back to OWASP Denver]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[https://www.owasp.org/index.php/Denver Back to OWASP Denver]</div></td></tr>
</table>
Dc
https://wiki.owasp.org/index.php?title=Denver_May_2009_meeting&diff=60766&oldid=prev
Eduprey: New page: == Wednesday 20 May 2009, 6pm @ RPSC == === Topic: Compliance and application security testing === Presenters: Dr. Joseph McComb, CISSP, CISA, G7799, CHSS and Daniel Weiske, CISSP, CISA,...
2009-05-14T15:38:05Z
<p>New page: == Wednesday 20 May 2009, 6pm @ RPSC == === Topic: Compliance and application security testing === Presenters: Dr. Joseph McComb, CISSP, CISA, G7799, CHSS and Daniel Weiske, CISSP, CISA,...</p>
<p><b>New page</b></p><div>== Wednesday 20 May 2009, 6pm @ RPSC ==<br />
<br />
=== Topic: Compliance and application security testing ===<br />
<br />
Presenters: Dr. Joseph McComb, CISSP, CISA, G7799, CHSS and Daniel Weiske, CISSP, CISA, CAP, NSA-IAM<br />
<br />
Title: Compliance while under siege: justifying security spending for the holes in your defenses.<br />
<br />
Synopsis: This presentation will show how to integrate a compliance framework into application security testing to produce an effective mechanism for presenting risk. Regulations, including security breach notification legislation, HIPAA, FISMA and other regulations specify penalties for failing to safeguard specific types of information. This presentation will demonstrate how to weave regulatory frameworks into the application testing process and how to quantify risk based upon penalties and ease of exploitation. Using real world examples, the presenters will show how this methodology can be used to justify security testing as a necessary expenditure for a secure environment.<br />
<br />
=== Agenda ===<br />
* 6pm: Pizza & pop @ RPSC, courtesy of Corporate Sponsors [http://www.fishnetsecurity.com/ FishNet Security]<br />
* 6:30pm: Introduction and Chapter business<br />
* 6:45pm --> 8pm: Presentation<br />
<br />
<br />
<br />
[https://www.owasp.org/index.php/Denver Back to OWASP Denver]</div>
Eduprey