Whew, what a week. After a few days in Bumblefuck, WI I drove to Minneapolis yesterday for Cf.Objective() where I gave my talk this morning. Had a pretty packed room, I'd guess 40+ folks were there. I'm glad its over and I am on my way to NYC for a fun weekend and a chance to play with my new toy, a Canon Powershot SD800 IS camera. w00t!
Want the presentation? Email me and I can send you a PDF. When I get back from NYC that is. 80+ hour weeks suck... I'm going to be drinking many Manhattans in Manhattan this weekend.
Showing posts with label Cf.Objective(). Show all posts
Showing posts with label Cf.Objective(). Show all posts
Friday, May 04, 2007
Wednesday, May 02, 2007
Cf.Objective() Preview Talk
My preview talk for Cf.Objective(), Security and the SDLC: Threat Modeling, i online at Charlie Areharts User Group TV. Check it out here.
Wednesday, April 25, 2007
Preview of my Cf.Objective() Talk
Thanks to Charlie Arehart and the guys behind Cf.Objective(), I'll be presenting a 30 minute mini-talk on Friday entitled "Security and the SDLC: Threat Modeling". This will be the first online user group presentation I'll be doing and I'm pretty excited!
"In this 30 minute preview of his CFObjective seminar, Dean will examine how threat modeling can be used as a baseline activity to ensure the security of web applications. Threat modeling is a structured approach for identifying, evaluating and mitigating risks to system security. By modeling a system as an attacker would, development organizations can prioritize the usage of a development/security budget, manage risks to system security and find vulnerabilities earlier than technical testing or code reviews. Applied early in the development lifecycle, threat modeling can be used to drive further secure SDLC activities, such as code reviews and penetration testing to ensure the security of your software throughout its lifetime."
While this is billed as a preview of my Cf.Objective() talk, its more of a parallel track. In this talk I'll be hitting on one of the three high ROI activities that can be added to the SDLC in order to begin addressing the problem of software insecurity. Of course at Cf.Objective() I'll be spending more time on the baseline activities, including code reviews and penetration testing, and how they fit into the overall development lifecycle.
I hope people will RSVP for this online meet-up and then come see me in Minneapolis next week!
"In this 30 minute preview of his CFObjective seminar, Dean will examine how threat modeling can be used as a baseline activity to ensure the security of web applications. Threat modeling is a structured approach for identifying, evaluating and mitigating risks to system security. By modeling a system as an attacker would, development organizations can prioritize the usage of a development/security budget, manage risks to system security and find vulnerabilities earlier than technical testing or code reviews. Applied early in the development lifecycle, threat modeling can be used to drive further secure SDLC activities, such as code reviews and penetration testing to ensure the security of your software throughout its lifetime."
While this is billed as a preview of my Cf.Objective() talk, its more of a parallel track. In this talk I'll be hitting on one of the three high ROI activities that can be added to the SDLC in order to begin addressing the problem of software insecurity. Of course at Cf.Objective() I'll be spending more time on the baseline activities, including code reviews and penetration testing, and how they fit into the overall development lifecycle.
I hope people will RSVP for this online meet-up and then come see me in Minneapolis next week!
Subscribe to:
Posts (Atom)