Calagator

Support Calagator on Patreon

Get Involved: Blog | Forum | Code
Something not right? File an issue

Change 58894

Time

Attribute with previous and current values

Change #58894

2021-04-09

21:05:18

create Calagator::Event 1250477666 Application Security -- The Framework, Processes and Tools to Secure Your Apps Roll back

description	nil	→	RSVP: https://www.meetup.com/OWASP-Portland-Chapter/events/277480846/ Excerpt: Traditionally, breaches that make the news are about stealing data and that data being resold for financial gains. Think Target, Ashley Madison, Marriott and so many more. Recently a spotlight was put on supply chain security via the SolarWinds breach and how that affected many companies. The adversaries were able to inject malicious code into applications that have a lot or rights and are widely deployed in many organizations, small and large alike. We will discuss the framework, your SDLC (SDL, SSDLC, etc.) – Secure Development Lifecycle – to lay out how you are going to develop and secure your applications. Customers care about this. Once you have your SDLC, you need to define your processes, select your tools, integrate them into your SDLC and finally automate those tools. This is not a short process and often multiple iterations are necessary to get to a good place. The goal of this presentation is to make you aware of a variety of tools that are out there, the various steps along the way of your SDLC you need to take and how to complete each of these steps. BIO: Derek Hill has over 25 years of experience in Information Security and Information Technology. He is currently the Director of AppSec engineering at ForgeRock, an Identity and Access management company, based in Vancouver, WA. He is responsible for implementing and improving the company’s product security on a continual basis. He works closely with software engineers and security engineers in multiple countries to ensure the ForgeRock products are developed securely and tested in all phases of the development lifecycle. In addition to his full time job, Derek is also a SANS community instructor teaching Security Leadership and CISSP prep courses. Prior to his current position, Derek held Information Security, IT management and technical roles at both large and small companies. In each role, he consistently focused on managing high-performing teams, delivering efficient solutions and providing excellent services to a variety of stakeholders, maximizing uptime and security. Derek also has significant experience in cloud technologies, responsible for moving, securing and maintaining them in various cloud environments through their lifecycle.
end_time	nil	→	2021-05-19 13:00:00 -0700
id	nil	→	1250477666
start_time	nil	→	2021-05-19 12:00:00 -0700
title	nil	→	Application Security -- The Framework, Processes and Tools to Secure Your Apps
venue_id	nil	→	202396695

calagator.org 1.1.0