|
|
Line 25: |
Line 25: |
| | | |
| ---- | | ---- |
− |
| |
− | == '''Topic: NoSQL Security''' ==
| |
− |
| |
− | '''Speaker: Bryan Sullivan'''
| |
− |
| |
− | [[Image:BryanSullivan.JPG]]
| |
− |
| |
− | Bryan Sullivan is a Senior Security Researcher with Adobe Systems, where he focuses on cloud security issues. Prior to Adobe, he was a program manager on Microsoft's Security Development Lifecycle team, and a development manager at HP, where he helped to design HP's vulnerability scanning tools WebInspect and DevInspect.<br><br>Bryan has spoken at security industry conferences such as Black Hat, RSA Conference, BlueHat and TechEd on topics such as RIA architecture, REST, cryptography, denial-of-service defense, URL rewriting, and applying secure development processes to Agile projects. He was the author of the MSDN Magazine column Security Briefs, and is the coauthor of the books Ajax Security (Addison-Wesley, 2007) and the upcoming Secure Web Applications, A Beginner's Guide (McGraw-Hill, 2011).
| |
− |
| |
− | '''Abstract: NoSQL Security'''<br>
| |
− |
| |
− | NoSQL databases are rapidly gaining popularity, especially for use in distributed, high-availability cloud services. But are we making the same mistakes with NoSQL in the childhood of the cloud that we made with SQL in the childhood of the web? This talk will examine some general security issues that come with emphasizing the Availability aspect of Consistency/Availability/Partition-tolerance, and we'll also look at some specific issues with popular NoSQL databases such as MongoDB and Cassandra.
| |
− |
| |
− | == '''Sponsors:''' ==
| |
− |
| |
− | [[Image:BPS Logo.jpg|http://www.businesspartnersolutions.com/]]
| |
− |
| |
− | <br>BPS has experience with fortune 500, City, and State Government clients. BPS has working technical knowledge in the following areas of security and compliance:
| |
− |
| |
− | Audit trail monitoring and planning<br>Business continuity planning and disaster recovery<br>Configuration management<br>Data classification<br>Incident response planning<br>Policy development<br>Risk analysis and acceptance<br>Forensics<br>Forensic tools and methodology<br>Secure software development lifecycle (SDLC)<br>Vulnerability management and remediation<br>Project management<br><br><br>
| |
− |
| |
− | <br>
| |
| | | |
| ---- | | ---- |
Revision as of 23:54, 19 May 2011
Local News
Sign up for OWASP Los Angeles mailing list, very low volume and spam free.
The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!
http://2010.AppSecUSA.org
Check out the videos: http://vimeo.com/user4863863/videos
Next Chapter Meeting: Wednesday, April 27, 2011 7:00 P.M. - 8:30 P.M.
Symantec
900 Corporate Pointe
Culver City, CA 90232
Please RSVP: http://owasp-april2011.eventbrite.com/
Donate Funds to Los Angeles Chapter
<paypal>Los Angeles</paypal>
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Tin Zaw. When we accept your talk, it will be required to use the Powerpoint OWASP Template.
Archives of Previous Meetings
2009 Meetings
2010 Meetings
2011 Meetings
A list of previous presentations conducted at the Los Angeles Chapter can be found here.
Los Angeles Chapter