San Francisco, California
London, United Kingdom
OWASP MSP Presents
How I Learned to Stop Worrying and Teach Developers
Date: Monday, October 7, 2013
5:30 PM Room opens for networking
6:15 PM Welcome: OWASP chapter update
6:30 PM Perry Hemmingsen
7:45 PM Wrap-up
Thank You Cargill for sponsoring our meeting location
Talk Title: How I Learned to Stop Worrying and Teach Developers
Can you speak developer? In this talk, we will discuss building a security awareness program as it relates to your most tech-savvy users–software engineers. In this day-and-age of sharing and online openness, we’ll talk about strategies to keep your secrets confidential, while at the same time allowing your developers access to the information they need to get their job done. Understanding the pressures and day-to-day responsibilities a developer experiences goes a long way in understanding how to best approach security. Awareness is only one step in writing secure code, but it is often the biggest challenge you need to face in establishing a successful application security program. Whether you are building the program from the ground-up, or tweaking current processes to make the program run a bit smoother, having the development team working with you is essential in making sure your entire application environment is secure. Arming your developers with the knowledge and awareness they need means less headaches for you when it comes time for the dreaded code review.
is a Senior Security Analyst at a major health care/health insurance provider, focusing primarily on application security as it relates to web applications, mobile devices and service-oriented architecture. From time to time, he also works on projects surrounding data encryption, internal vulnerability assessment, web and mobile HIPAA and PCI compliance, and third-party software acquisitions. Within the last two years, he has successfully developed brand new procedures around web and mobile application security, including implementing tools for static analysis. Perry has also developed curriculum and implemented in-house security training, educating software developers on appropriate security topics and techniques for identification and mitigation within their own code
*You must be registered for the event to attend.
Please contact Alex at firstname.lastname@example.org or 651-587-4572 if you would like to sponsor a meeting or meeting location for an upcoming OWASP MSP meeting.
When & Where
The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. The OWASP Minneapolis-St. Paul chapter was host to OWASP AppSec USA 2011 at the Minneapolis Convention Center September 20-23, 2011. Get the presentation material at http://www.appsecusa.org/.