Achim: category OWASP/Training changed to OWASP Training

2014-11-10T21:21:51Z

category OWASP/Training changed to OWASP Training

Achim: category changed to OWASP/Training AppSec_DC_2010

2014-11-10T20:46:49Z

category changed to OWASP/Training AppSec_DC_2010

Jeff Williams: moved Leading an AppSec Initative to Leading an AppSec Initiative

2010-11-07T00:08:19Z

moved Leading an AppSec Initative to Leading an AppSec Initiative

Mark.bristow: Created page with 'NOTOC link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

2010-10-20T18:43:31Z

Created page with '__NOTOC__ link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

New page

__NOTOC__
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]

[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
<br>
==Description==
'''Course Length: 2 Days'''

Today, every business function relies on custom software applications. These applications are typically built under tremendous time pressure by internal or contracted developers to fulfill a specific business need. Organizations need to be able to trust that this software has appropriate security mechanisms to thwart attacks and that the code does not contain vulnerabilities. Even software product companies have an extremely difficult time achieving trustworthy code, and experience shows that most custom applications have far more vulnerabilities. Recent market trends show a clear pattern: organizations need an Application Security Initiative in order to achieve this level of trust in their custom-built applications.

In this two-day management session you’ll get an industry perspective of application security, understand the key vulnerabilities to applications, be able to analyze root cause, and provide practical and proven techniques in building out an application security initiative. This course gives executives and managers the education and practical guidance they need to ensure that software projects properly address security. The course is designed to provide a firm understanding of the importance of software security, the critical security activities required within the software development lifecycle, and how to efficiently manage security issues during development and maintenance. This understanding is reinforced through industry awareness, live demonstrations of commonly found application vulnerabilities and workgroup exercises allowing attendees to conduct capability assessments and recommend improvement plans.

==Student Requirements==
None.

==Objectives==
Skill: Basic Training

# Be aware of secure application development and the value it brings
# Be able to compare your project with other comparable companies efforts in application security
# Understand that application security risks and their associated business risks need to be identified for all applications
# Be aware of the key security areas and understand the major threats to each
# Understand application security root causes, analyze an organization’s capability and utilize proven techniques in planning and managing an effective application security initiative.
# Understand how to successfully integrate secure coding activities and techniques across the application development lifecycle
# Be able to determine whether their team has the appropriate skills to build a secure application, and how to build teams with the required skills.
# Be familiar with common application security tools and technologies for building secure web applications and what security capabilities they provide

==Instructor==
'''Instructor: ''' Aspect Security has been working with development teams around the country for years to help them identify, diagnose, and address security issues throughout the application development lifecycle. Through these efforts, they have learned the key practices that development and project managers, and key support personnel must know to achieve secure applications.

Aspect’s instructors are full-time application security specialists that spend the majority of their time working with clients to secure the nation’s most critical applications. Leveraging this practical experience brings the class to life. Students will gain valuable insight into lessons learned from other development organizations. Our instructors also make themselves available to you for application security questions after the course is complete.

Aspect is a Founding OWASP Member and supports several OWASP projects. In particular, Aspect conceived the OWASP Top Ten project and led the effort to build the document. We also built WebGoat and Stinger and donated them to the OWASP effort. Aspect personnel assist with the management of the OWASP Foundation and help run the OWASP AppSec conference series.

[[Category:AppSec_DC_2010_Training]] [[Category:Basic_Training]]]

← Older revision		Revision as of 21:21, 10 November 2014
Line 34:		Line 34:


−	[[Category:OWASP/~~Training~~ AppSec_DC_2010]] [[Category:OWASP/~~Training~~ Basic]]	+	[[Category:OWASP Training/AppSec_DC_2010]] [[Category:OWASP Training/Basic]]

← Older revision		Revision as of 20:46, 10 November 2014
Line 34:		Line 34:


−	[[Category:~~AppSec_DC_2010_Training~~]] [[Category:~~Basic_Training]~~]]	+	[[Category:OWASP/Training AppSec_DC_2010]] [[Category:OWASP/Training Basic]]

← Older revision	Revision as of 00:08, 7 November 2010
(No difference)

Leading an AppSec Initiative - Revision history

Achim: category OWASP/Training changed to OWASP Training

Achim: category changed to OWASP/Training AppSec_DC_2010

Jeff Williams: moved Leading an AppSec Initative to Leading an AppSec Initiative

Mark.bristow: Created page with '__NOTOC__ link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

Mark.bristow: Created page with 'NOTOC link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'