As may of you know, OWASP is a great resource. And once again OWASP is coming through with some great, free content to help us learn more about Application Security. So if you live in the Mpls/St. Paul area, or are going to be in town, consider checking out this conference. The highlight of the show is that Bruce Schneier will be speaking along with Kuai Hinojosa, Seth Peter, and Pravir Chandra
Earlier this week I found out that I have been nominated for an Adobe Community Achievement Awards (formerly CFEmmy). This is very exciting form me. Not only does it mean that at least one person has liked my blog, but it also means that I have accomplished a personal goal.
When I first started blogging, one of my goals was to be nominated for a CFEmmy. It certainly was not the primary goal. I would have started blogging anyway. But I wanted to produce something of quality that is helpful to others. I hope I have accomplished that.
If, like me, you were unable to attend the Open Web Application Security Project (OWASP) AppSec Conference in Krakow, Poland last month, you can now view the videos from the conference online.
Last year, after attending cf.Objective(), I became really excited about blogging and learning more, and presenting something at cf.Objective() 2009 because a personal goal. I even added it to my list of goals for 2009 on my annual review at work. Now it looks like I will achieve that goal. Sweet.
I had a great time last Wednesday speaking at the Minnesota Government Information Technology Symposium in St. Paul. I'm really glad they gave me the opportunity to speak about Application Security. I was very pleased with the turn out. I believe I had about 70-75 people in attendance.
My presentation ran about 2 hours. We covered a wide range of basic security topics:
- Assets, vulnerabilities, threats, and counter measures
- SQL Injection
- Cross-Site Scripting(XSS)
- Request Forgeries
- Password Security
For those that missed it, I am attaching my slides to this post.
I want to thank the organizers of the event for putting this on and allowing me to speak. I got a lot out of the symposium and enjoyed most of the presentations I attended. It also helped open my eyes, more, to a problem that I think is being overlooked in much of web development world. Accessibility. You can expect some more blog posts from me in the future about accessibility.
This Wednesday (12/17/2008), I will be speaking at the Minnesota Government Information Technology Symposium in St. Paul, MN.
From their website:
"As the premier IT event for Minnesota's public sector, the IT Symposium typically draws over 1,300 people! With its variety of content and sessions, the event is for anyone involved with or interested in information technology from ALL units of government and education..."
Tomorrow, October 21st, 2008, is the OWASP & FLOSS Application Security Mini-Conference 2008.
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. - OWASP Website
I have not yet looked at my feeds for the day yet, but I am going to guess that mine will be one of several reviews of the bFlex/BFusion training that took place in Bloomington, IN over the last couple days (Sept 6-7 2008).
For a while before we left for the LONG drive to Indiana (it took us 12 hours), I was beginning to wonder if it was worth it. 12 Hours is a long time, gas is expensive, hotels are expensive, had to take two days off of work just from driving, etc. Well, let me tell you, it was worth it. I had a blast, I learned a ton and I met some fantastic people. Also, I rode with 4 other people, so the gas and hotel were not that bad.