This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Pilot Cambridge WebAppSec Mini Conference 2012
The Department of Computing & Technology, Anglia Ruskin University and OWASP (Open Web Application Security Project) are jointly hosting a free mini conference on Web Application Security in Cambridge on Tuesday 28th February 2012 4 – 8pm, entitled
Building in Security for Application Development
Tuesday 28 February 2012
Hosted by the Department of Computing & Technology, Anglia Ruskin University and OWASP (Open Web Application Security Project)
The Department of Computing & Technology at Anglia Ruskin University in partnership with OWASP are ateempting to establish a joint professional networking group and local chapter in the Cambridge/East Anglia region concentrating on aspects of computing and application security as a key part of both organisations drive to promote the importance of including security withoin application development. Anyone wishing to help establish a group or become invloved, please let us know.
In addition, the establishment of a local Information Security Student Society affilated to OWASP is another activity we are keen to promote.
Guest speakers:
Dennis Groves: Dennis is the co-founder of OWASP. He is a well known thought leader in application security who's work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway. He is currently an expert for the UK mirror of ISO subcommittee 27, WG4.
Fabio Cerullo: Fabio is currently working as an Information Security Specialist at AIB Bank (Dublin, Ireland). His tasks include performing risk analysis, assessing the security of web applications developed internally or purchased from third parties, define policies and standards on secure coding, as well as providing training on web application security to developers, auditors, executives and security professionals. As a member of the OWASP organization, Fabio is part of Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, he also coordinates international conferences around this topic, and since early 2010 has been appointed chairman of OWASP Chapter in Ireland. He has been granted the CISSP certificate by (ISC) 2 back in 2006.
Colin Watson: Colin is the Technical Director for Watson Hall Ltd, an application security consultancy providing services such as application defence, web application risk management, secure software development lifecycle, online and web project security & privacy policies, He writes a less-technical blog aimed at website designers, developers and owners called Web Security, Usability and Design and tweet occasionally as Clerkendweller. Colin also serves as a Global Industry Committee Member for the OWASP Foundation.
Background
<
Tackling today's security challenges now far exceeds the "we've got a firewall connected to the Internet so we're covered" fallacy. Increasingly the most critical areas of vulnerability and weakness have become the web application server and client. Protecting corporate and personal data has never been more crucial with the increasing trend towards mandatory public disclosure of 'lost' data and the ever increasing loss of reputation, regulatory penalties and litigation from victims.
Developing secure code is the most effective method of securing an organisations web applications which results in a more stable and robust application and assists in protecting an organisations brand. However the ability to develop this code takes additional skill and know-how which traditionally has not commonly formed part of many computer science curricula and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training
The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop a local Information Security Student Society.
</div>
Agenda
- 4.30pm - 5.00pm Welcome and introductions, Adrian Winckles, Senior Lecturer, Information Security & Forensic Computing.
- 5.00pm - 5.30pm Dennis Groves, Introduction to OWASP and Application Security 02 Project Framework
- 5.30pm - 6.30pm Fabio Cerullo, Open Software Assurance Maturity Model and Enterprise Security API
- 6.30pm - 7.00pm Colin Watson, AppSensor Project - Intrusion Detection
- 7.00pm - 8.00pm Informal drinks and networking
Registration
<a href="http://www.surveymonkey.com/s/QL3NYH3" target="_blank" title="Registration Page - opens in new browser window">Register for this event online</a>.
</div>
Location
The conference will be held in the Lord Ashcroft Building, Room 002 (Breakout Room 006 for networking & refreshments).
Please enter through the Helmore Building and ask at reception.
Anglia Ruskin University
Cambridge Campus
East Road
Cambridge
Cambs
CB1 1PT
Get further information on <a href="/ruskin/en/home/your_university/anglia_ruskin_campuses/cambridge_campus/find_cambridge.html" title="Travelling to the Cambridge Campus">travelling to the university. </a>