This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP AppSec India Conference 2008 AppSec For Managers"
(→Who Should Attend) |
(→Students who take this course will be able to) |
||
| Line 10: | Line 10: | ||
=== Students who take this course will be able to === | === Students who take this course will be able to === | ||
| − | + | *Introduction to concepts of Application Security | |
| − | + | *Understand the threat landscape in application security | |
| − | + | *Acquire the toolset required for securing and assessing their applications | |
| − | + | *Learn aspects of Secure SDLC | |
| − | + | *Be able to articulate a plan to start an Application Security Program | |
| − | + | *Learn metrics to aid in assessing organization's application security posture | |
| + | *Be able to confidently promote application security throughout the organization | ||
=== Who Should Attend === | === Who Should Attend === | ||
Revision as of 17:52, 2 July 2008
Application Security for Managers
Summary
Most of the current effort in Application Security is directed towards securing applications after deployment to production. In an ideal environment however, security is at the forefront of daily operations, saving an organization time and money. This course aims to make this a reality by teaching executives and information security managers their important role in Application Security, giving them a general understanding of the threat landscape, and outlining the controls they may use to start or enhance their current Application Security Program. A major case study and various demonstration based components are used to guide students in understanding their role and how they can improve their organization's overall security posture.
Course Overview
Part 1 : Application Security - The Threat Landscape
Part 2 : Application Security - Architecture & Security Principles
Part 3 : Secure SDLC
Students who take this course will be able to
- Introduction to concepts of Application Security
- Understand the threat landscape in application security
- Acquire the toolset required for securing and assessing their applications
- Learn aspects of Secure SDLC
- Be able to articulate a plan to start an Application Security Program
- Learn metrics to aid in assessing organization's application security posture
- Be able to confidently promote application security throughout the organization
Who Should Attend
- CISO's and CSO's
- Information security managers
- Designated security experts
- Anyone with a desire to understand application security
About Instructor
Jason is a Senior Application Security Engineer at Aspect Security during which time he has performed code reviews, penetration testing and training at a variety of financial, commercial, and government institutions. He is a certified GIAC Secure Software Programmer in Java and before joining Aspect, he was a Java Software Developer and a Java course instructor for Johns Hopkins University. He is currently working on the OWASP UI Verification Project and along with Arshan Dabirsiaghi, he is a core developer of the OWASP AntiSamy Project. Jason received his Post-Master's in Computer Science with a concentration in Information Security from Johns Hopkins University and both his Master's and B.S in Computer Science from Cornell University.
