San Francisco, California
London, United Kingdom
OWASP MSP Presents
Date: Monday, July 16th, 2012
5:30 PM Room opens for networking and CPE signup
6:15 PM Welcome: OWASP chapter update
6:30 PM Josh More
7:45 PM Wrap-up
Thank You Cargill for sponsoring our meeting location
Talk Title: LEAN SECURITY
Abstract: For years, we've been told the key to security is technology. We purchase and deploy technology to create layers behind layers, making our walls taller and taller to keep the bad guys out. Sadly, it's not working.
What does work is combining lessons learned in other industries to the security world. By examining best practices within Lean Manufacturing, Agile Development and Rugged DevOps, this presentation delivers ways you can be successful in security, not by purchasing technology, but by:
- Effectively using what you have and what you can get for free
- Re-allocating security budget from the point of diminishing return
- Identifying and maximizing learning opportunities
- Engaging in small, inexpensive test projects
- Choosing custom and rational metrics to measure what matters
- Replacing defective systems with ones that grow with you
- Turning security from a catch-up game into one of strategic and competitive advantage.
Success in security depends on the right mix of people, technology and process. Without all three, you are doomed to failure.
*You must be registered for the event to attend.
Please contact Lorna at firstname.lastname@example.org or 651-338-0243 if you would like to sponsor a meeting or meeting location for an upcoming OWASP MSP meeting.
When & Where
The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. The OWASP Minneapolis-St. Paul chapter was host to OWASP AppSec USA 2011 at the Minneapolis Convention Center September 20-23, 2011. Get the presentation material at http://www.appsecusa.org/.