This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Pilot Cambridge WebAppSec Mini Conference 2012"

From OWASP
Jump to: navigation, search
(Guest Speakers)
(Guest Speakers)
Line 12: Line 12:
 
== Guest Speakers ==
 
== Guest Speakers ==
  
<strong>Dennis Groves:</strong>  Dennis is the co-founder of OWASP. He is a well known thought leader in application security who's work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway. He is currently an expert for the UK mirror of ISO subcommittee 27, WG4.<br /><br /><strong>Fabio Cerullo: </strong> Fabio has over 10 years of experience in the information security field across a diverse range of industries. As CEO & Founder of Cycubix, he helps customers around the globe building and optimizing risk assurance initiatives, assessing the security of applications developed internally or purchased from third parties, defining policies and standards on secure coding, as well as providing training on the subject to developers, auditors, executives and security professionals. As a member of the OWASP organization, Fabio is part of Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security. He coordinates international conferences around this topic, and since early 2010 has been appointed OWASP Ireland Chapter Leader. Fabio holds a Msc in Computer Engineering from UCA and has been granted the CISSP & CSSLP certificates by (ISC)2. <br /><br /><strong>Colin Watson:</strong> Colin is the Technical Director for Watson Hall Ltd, an application security consultancy providing services such as application defence, web application risk management, secure software development lifecycle, online and web project security &amp; privacy policies,  He writes a less-technical blog aimed at website designers, developers and owners called Web Security, Usability and Design and tweet occasionally as Clerkendweller.  Colin also serves as a Global Industry Committee Member for the OWASP Foundation.<br />
+
<strong>Dennis Groves:</strong>  Dennis is the co-founder of OWASP. He is a well known thought leader in application security who's work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway. He is currently an expert for the UK mirror of ISO subcommittee 27, WG4.<br /><br /><strong>Fabio Cerullo: </strong> Fabio has over 10 years of experience in the information security field across a diverse range of industries. As CEO & Founder of Cycubix, he helps customers around the globe assessing the security of applications developed internally or purchased from third parties, defining policies and standards on secure coding, building and optimizing risk assurance initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals. As a member of the OWASP organization, Fabio is part of Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security. He coordinates international conferences around this topic, and since early 2010 has been appointed OWASP Ireland Chapter Leader. Fabio holds a Msc in Computer Engineering from UCA and has been granted the CISSP & CSSLP certificates by (ISC)2. <br /><br /><strong>Colin Watson:</strong> Colin is the Technical Director for Watson Hall Ltd, an application security consultancy providing services such as application defence, web application risk management, secure software development lifecycle, online and web project security &amp; privacy policies,  He writes a less-technical blog aimed at website designers, developers and owners called Web Security, Usability and Design and tweet occasionally as Clerkendweller.  Colin also serves as a Global Industry Committee Member for the OWASP Foundation.<br />
  
 
== Background ==
 
== Background ==

Revision as of 13:50, 16 February 2012


The Department of Computing & Technology, Anglia Ruskin University, with support from volunteer contributors to the OWASP (Open Web Application Security Project), is hosting a free mini conference on Web Application Security in Cambridge on Tuesday 28th February 2012 from 4pm – 8pm, entitled

Building in Security for Application Development

The Department of Computing & Technology at Anglia Ruskin University in partnership with OWASP are attempting to establish a joint professional networking group and local chapter in the Cambridge/East Anglia region concentrating on aspects of computing and application security as a key part of both organisations drive to promote the importance of including security within application development. Anyone wishing to help establish a group or become involved, please let us know.

In addition, the establishment of a local Information Security Student Society affiliated to OWASP is another activity we are keen to promote.

Guest Speakers

Dennis Groves: Dennis is the co-founder of OWASP. He is a well known thought leader in application security who's work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway. He is currently an expert for the UK mirror of ISO subcommittee 27, WG4.

Fabio Cerullo: Fabio has over 10 years of experience in the information security field across a diverse range of industries. As CEO & Founder of Cycubix, he helps customers around the globe assessing the security of applications developed internally or purchased from third parties, defining policies and standards on secure coding, building and optimizing risk assurance initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals. As a member of the OWASP organization, Fabio is part of Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security. He coordinates international conferences around this topic, and since early 2010 has been appointed OWASP Ireland Chapter Leader. Fabio holds a Msc in Computer Engineering from UCA and has been granted the CISSP & CSSLP certificates by (ISC)2.

Colin Watson: Colin is the Technical Director for Watson Hall Ltd, an application security consultancy providing services such as application defence, web application risk management, secure software development lifecycle, online and web project security & privacy policies, He writes a less-technical blog aimed at website designers, developers and owners called Web Security, Usability and Design and tweet occasionally as Clerkendweller. Colin also serves as a Global Industry Committee Member for the OWASP Foundation.

Background

Tackling today's security challenges now far exceeds the "we've got a firewall connected to the Internet so we're covered" fallacy. Increasingly the most critical areas of vulnerability and weakness have become the web application server and client. Protecting corporate and personal data has never been more crucial with the increasing trend towards mandatory public disclosure of 'lost' data and the ever increasing loss of reputation, regulatory penalties and litigation from victims.

Developing secure code is the most effective method of securing an organisations web applications which results in a more stable and robust application and assists in protecting an organisations brand. However the ability to develop this code takes additional skill and know-how which traditionally has not commonly formed part of many computer science curricula and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training

The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop a local Information Security Student Society.


Agenda

  • 4.30pm - 5.00pm Welcome and introductions, Adrian Winckles, Senior Lecturer, Information Security & Forensic Computing.
  • 5.00pm - 5.30pm Dennis Groves, Introduction to OWASP and Application Security 02 Project Framework
  • 5.30pm - 6.30pm Fabio Cerullo, Open Software Assurance Maturity Model and Enterprise Security API
  • 6.30pm - 7.00pm Colin Watson, AppSensor Project - Intrusion Detection
  • 7.00pm - 8.00pm Informal drinks and networking

Registration

Please register online for this free event : http://www.surveymonkey.com/s/QL3NYH3

Location

The conference will be held in the Lord Ashcroft Building, Room 002 (Breakout Room 006 for networking & refreshments).

Please enter through the Helmore Building and ask at reception.

Anglia Ruskin University
Cambridge Campus
East Road
Cambridge
Cambs
CB1 1PT


For further infotmation on travelling to the Cambridge campus, please visit http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/cambridge_campus/find_cambridge.html