|
February Monthly Meeting
Adding Security to Your Company's SDLC
Abstract:
There are multiple documents, methodologies and schools of thought for adding security activities to the various steps of the SDLC. In this presentation we will review several of the more popular methodologies and discuss advantages / disadvantages of each. We will also discuss common challenges and resistance when trying to add security to an entrenched development process.
Speaker:
Jerry Hoff, WhiteHat Security
Speaker Bio:
Jerry Hoff is vice president of the Static Code Analysis division at WhiteHat Security. In this role, he oversees the development of WhiteHats cloud-based static application security testing (SAST) service. Prior to WhiteHat, Mr. Hoff was co-founder and managing partner ofInfrared Security, a leading application security professional services firm. Mr. Hoff is an experienced application security consultant with years of professional development and training delivery. He is also the lead of the OWASP AppSec Tutorial Series.
Date:
February 9
Time:
12:00 p.m. - 1:30 p.m.
COST (including presentation and buffet lunch):
- ISSA/OC Members who RSVP and Pay Online: $15
- $20 for non-members of ISSA
If any member would like to bring a guest please email their Name, Company and Email Address to pauljkennedyoc@gmail.com
PAYMENT: Cash or check at the door, no credit cards accepted.
Location:
Dave & Busters - 71 Fortune Dr. Irvine, CA 92618-2917
Registration Link:
Click Here
Cloud Security Training
Cloud Computing Security Knowledge- Basic (31 January 2010)
The Cloud Computing Security Knowledge- Basic class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA). This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
Price includes test token to take the CCSK exam.
http://irvineccsk-basic.eventbrite.com/
Cloud Computing Security Knowledge- Plus (31 Jan - 01 Feb 2012)
The CCSK- Plus class builds upon the CCSK Basic class with expanded material and extensive hands-on activities with a second day of training. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.
This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises. A notebook computer with wireless capability is required for the second day of class.
Price includes test token to take the CCSK exam.
Note: The 1st day of the Plus class is conducted in conjunction with the Basic class.
http://irvineccsk-plus.eventbrite.com/
FY12 ISSA OC Board
Candidates:
- President - Powell Hamilton
- Vice President / Program Director - Paul Kennedy
- Membership Director - Shong Chong
- Treasurer - Jeff Messer, Darlene Dean
- Secretary/Recorder - Virginia-Maria Weldon
If you are an ISSA OC member or you know an ISSA member who you would like to nominate, please email nominate@issa-oc.org
|
|
Members can join us
