Los Angeles/2010 Meetings/October 20

Revision as of 21:37, 31 May 2011 by Sarah Baso (talk | contribs)

Topic: Identity Management: Federation and Authorization

Speaker: Todd Calvert

Todd Calvert is currently the Western Region Business Development / Sales Director for Arcot Systems, based in Sunnyvale, California, where he has been with the company for over two years. Prior to Arcot, he worked in various industries involving enterprise software for application management, modeling & statistical analysis, and optimization, for companies such as Compuware, KLA-Tencor, Nikon Inc., and Wind River. He graduated from UC Santa Barbara in 1991 with a B.S. degree in Mathematical Sciences, and has spent much of his time delivering educational & technical seminars and math tutoring on the side.

Topic: Sharks and Security

Speaker: Mano Paul

Shark Researcher turned Security Guru!
Manoranjan (Mano) Paul (CSSLP, CISSP, AMBCI, MCSD, MCAD, CompTIA Network+, ECSA) is the Founder and CEO at SecuRisk Solutions and Express Certifications. Based out of Austin, Texas in the USA, SecuRisk Solutions specializes in three areas of information security solutions - Product Development, Consulting and Awareness, Training & Education while Express Certifications focuses on professional certifications like the CISSP, SSCP, CSSLP and the BCI certificate.

Before SecuRisk Solutions and Express Certifications, Mano played several roles from software developer, quality assurance tester, logistics manager, technical architect, IT strategist and Security Engineer/Program Manager/Strategist at Dell Inc. His information security experience includes designing and developing software security programs from Compliance-to-Coding, application security risk management, security strategy & management, and conducting security awareness training and education.

Mano started his career as a shark researcher in the Bimini Biological Field Station, Bahamas. His educational pursuit took him to the University of Oklahoma where he received his Business Administration degree in Management Information Systems (MIS) with various accolades and the coveted 4.0 GPA. He was a member of the OWASP Global Education Committee and actively participates in OWASP speaking, training and leadership events. He is also the appointed Software Assurance Advisor for (ISC)2, representing and advising the organization on software assurance strategy, training, education and certification. He has also served as an appointed faculty member and industry representative of the Capitol of Texas Information System Security Association (ISSA) chapter.

Mano has been featured in various domestic and international security conferences and is an invited speaker and panelist, delivering talks and keynotes in conferences such as the OWASP, CSI, Burton Group Catalyst, TRISC and SC World Congress conferences. He is the author of the Official (ISC)2 Guide to the Certified Secure Software Lifecycle Professional (CSSLP), contributing author for the Information Security Management Handbook, writes periodically for the Certification Magazine and has contributed to several security topics for the Microsoft Solutions Developer Network (MSDN).

Mano is married to Sangeetha Johnson whom he calls the “most wonderful and sacrificial person in this world” and their greatest fulfillment comes from spending time with their son – Reuben A Paul (RAP).

Abstract: Sharks and Security

Do you know what makes a shark a shark and a hacker a hacker? Which is the most dangerous shark and how does that fit the profile of a dangerous hacker? What does the tiger shark have to do with garbage collection? Is there any connection between the locomotion in sharks and reverse engineering? and more…

There are sharks at sea and there are sharks on land! Many are prevalent in the information security space. In this talk, Mano Paul, a shark biologist and researcher from the Bahamas turned security professional, takes you through the similarities and differences that exist between sharks that are after our digital assets and the relatively less dangerous and beautiful creation that swims the ocean currents. The talk, with the demo of a Trojan called SharkBait, has takeaways for all kinds of audiences, whether they are management, technical or operational in scope.

Come for a fun-filled, highly interactive, and interesting presentation and leave with a new sense of appreciation on how to look at sharks and hackers and what you can do so that you or your organizations don't become shark bait.


Arcot Systems Inc is the largest cloud-based authentication company in the world and also a leader in online security products including 3-D Secure (aka Verified-by-Visa / MasterCard SecureCode), Strong Authentication, Risk Assessment, Secure Document Delivery, Tokenization and Secure Digital Signing. Our strength is in a token-less 2 Factor Authentication Methodology / Adaptive Authentication / Secure Digital Signing / 3-D Secure / Tokenization to reduce PCI-DSS audit cost.

ArcotID, a 100% software-based smart card, is the core constituent of this solution. ArcotID provides strong protection of digital IDs for multi-factor authentication, digital signatures and encryption. ArcotID uses Arcot's patented 'Cryptographic Camouflage' technology.

WebFort is a Versatile Authentication Server (VAS) that supports ArcotID authentication in addition to One-Time-Password (OTP), Question-and-Answer and Password authentication.