
Difference between revisions of "OWASP AppSec India Conference 2008 AppSec For Managers"

(Students who take this course will be able to)
(About Instructor)
 
(3 intermediate revisions by the same user not shown)
Line 25: Line 25:
  
 
== About Instructor ==
 
== About Instructor ==
[[Image:Jason_Li.jpg|thumb|100px|frame|left|Jason Li]]
+
[[Image:Nish_Head.jpg|thumb|10px|frame|left|Nish Bhalla]]
<b>Jason</b> is a Senior Application Security Engineer at Aspect Security during which time he has performed code reviews, penetration testing and training at a variety of financial, commercial, and government institutions. He is a certified GIAC Secure Software Programmer in Java and before joining Aspect, he was a Java Software Developer and a Java course instructor for Johns Hopkins University. He is currently working on the OWASP UI Verification Project and along with Arshan Dabirsiaghi, he is a core developer of the OWASP AntiSamy Project. Jason received his Post-Master's in Computer Science with a concentration in Information Security from Johns Hopkins University and both his Master's and B.S in Computer Science from Cornell University.
+
<b>Nishchal Bhalla</b> is the founder of Security Compass, an Application Security Consulting and Training company. He has over 13 years industry experience.
 +
 
 +
Nish has co-authored, contributed & edited many security books including
 +
- Buffer Overflow Attacks & Hacking Exposed - Web Applications, IInd Edition.
 +
 
 +
He has spoken & taught at many conferences including Blackhat, ShmooCon and RSA.
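
Review bot: The added image line sets the thumbnail width to 10px, while the line it replaces used 100px, so this looks like a dropped digit. Suggest `[[Image:Nish_Head.jpg|thumb|100px|frame|left|Nish Bhalla]]` so the new portrait keeps the size the page used before. The added bio also marks the name with `<b>` tags; wiki bold markup (`'''Nishchal Bhalla'''`) would be the more conventional choice here.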

Latest revision as of 17:58, 2 July 2008

Application Security for Managers

Summary

Most of the current effort in Application Security is directed towards securing applications after deployment to production. In an ideal environment, however, security is at the forefront of daily operations, saving an organization time and money. This course aims to make this a reality by teaching executives and information security managers their important role in Application Security, giving them a general understanding of the threat landscape, and outlining the controls they may use to start or enhance their current Application Security Program. A major case study and various demonstration-based components are used to guide students in understanding their role and how they can improve their organization's overall security posture.

Course Overview

Part 1: Application Security - The Threat Landscape

Part 2: Application Security - Architecture & Security Principles

Part 3: Secure SDLC


Students who take this course will be able to

  • Be introduced to concepts of Application Security
  • Understand the threat landscape in application security
  • Acquire the toolset required for securing and assessing their applications
  • Learn aspects of Secure SDLC
  • Be able to articulate a plan to start an Application Security Program
  • Learn metrics to aid in assessing an organization's application security posture
  • Be able to confidently promote application security throughout the organization

Who Should Attend

  • CISOs and CSOs
  • Information security managers
  • Designated security experts
  • Anyone with a desire to understand application security

About Instructor

Nish Bhalla

Nishchal Bhalla is the founder of Security Compass, an Application Security Consulting and Training company. He has over 13 years of industry experience.

Nish has co-authored, contributed to and edited many security books, including Buffer Overflow Attacks and Hacking Exposed: Web Applications, 2nd Edition.

He has spoken and taught at many conferences, including Black Hat, ShmooCon and RSA.