
Difference between revisions of "Podcast News"

From OWASP
m (OWASP Podcast Roundtable)
m (OWASP Podcast Roundtable)
 
(24 intermediate revisions by 3 users not shown)
Line 1: Line 1:
'''[[Podcast_News|OWASP Podcast News]]'''
+
'''[[Podcast_News|OWASP Podcast News]]'''  
  
OWASP NEWS October 2009<br/>
+
OWASP NEWS 2010<br>  
  
==OWASP Podcast Roundtable ==
+
== OWASP Podcast Roundtable ==
  
'''Next Recording : October 22, 2009'''
+
'''Next Recording&nbsp;: Week of August 30, 2010. Day and Time TBD'''
  
The entire October 22 roundtable will focus on "Overcoming Objections to an Application Security Program"
+
Suggested Topics:
<br/>
 
http://jeremiahgrossman.blogspot.com/2009/08/overcoming-objections-to-application.html
 
  
<ul>
+
# Is application security "a science" or a "hobby"?
<li>"There have been no security problems in the past, nor is there any evidence we’ll be attacked in the future."/li>
+
# Do script kiddies, Ninjas, 3l1t3z, etc make a mockery of a serious business?
<li>"Security is an IT problem. They have firewalls, patch & configuration management systems, and SSL currently in place protecting us."/li>
+
# Is AppSec becoming a commodity service, what disciplines require skill and experience?
<li>"We need new features first and there is no discretionary budget left to allocate towards security."/li>
+
# ?
<li>"Hackers can't break in because our Web application can't be accessed externally."/li>
+
# ?
<li>"We outsource our software development and the vendor is responsible for making sure the code is secure."/li>
+
# ?
<li>"We use penetration-testing services. We fix or accept the risk of any issues found, which keeps us safe."/li>
 
<li>"We passed our most recent compliance audit and not required to do anything more."/li>
 
<li>"We trust our developers and they already know how to develop secure code after completing the training course."/li>
 
<li>"We already have scanning tools. Doing more will slow down the development process, inhibit innovation, and add large unnecessary costs."</li>
 
</ul>
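Review bot: The three "# ?" entries added at the end of the new Suggested Topics list render as numbered items 4 to 6 that contain only a question mark. Consider leaving them out until the topics are decided, or replacing them with a single line inviting suggestions. The new revision also drops the link to the source post for the previous roundtable topic, so if that discussion should stay discoverable, keep the URL in a short "Previous roundtable" line.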
 

Latest revision as of 16:59, 26 August 2010

OWASP Podcast News

OWASP NEWS 2010

OWASP Podcast Roundtable

Next Recording : Week of August 30, 2010. Day and Time TBD

Suggested Topics:

  1. Is application security "a science" or a "hobby"?
  2. Do script kiddies, Ninjas, 3l1t3z, etc make a mockery of a serious business?
  3. Is AppSec becoming a commodity service, what disciplines require skill and experience?
  4.  ?
  5.  ?
  6.  ?