Export to

• Google Calendar
• iCalendar file
• hCalendar markup
  <div class="vevent h-event"> <h1 class="summary p-name">OWASP: AppSec Testing Beyond Pen Test</h1> <div class='date'><time class="dtstart dt-start" title="2018-01-23T18:00:00" datetime="2018-01-23T18:00:00">Tuesday, January 23, 2018 from 6</time>–<time class="dtend dt-end" title="2018-01-23T20:00:00" datetime="2018-01-23T20:00:00">8pm</time></div> <div class="location vcard p-location h-card"> <a class="url" href='http://calagator.org/venues/202394847'><span class='fn org p-name'>Jama Software (New Office)</span></a> <div class="adr p-adr h-adr"> <div class="street-address p-street-address">135 SW Taylor Suite 200</div> <span class="locality p-locality">Portland</span> , <span class="region p-region">Oregon</span> <span class="postal-code p-postal-code">97204</span> <div class="country-name p-country-name">United States</div> (<a href='https://maps.google.com/maps?q=135%20SW%20Taylor%20Suite%20200,%20Portland%20Oregon%2097204%20United%20States'>map</a>) </div> </div> <div class="description p-description"> <p><b>Abstract:</b> Most web application security testing efforts are concentrated around penetration testing which is an art based on a hacker’s psyche, thought process, and determination to exploit vulnerabilities. But, does it yield a high level of confidence and sense of security in a developer’s mind? The answer is a “maybe” especially when the bad guy is obsessed with figuring out new exploits to hack your application. The web application developers have to think about intrinsic security - that is, building security throughout the SDLC. We build applications based upon well-formed customer requirements. Why should we not, then, build our applications based upon the fundamental principles of security and then harden security from the hacker’s perspective?</p> <p><b>Bio:</b> Principal consultant at Gupta Consulting LLC., Bhushan Gupta is passionate about development methods and tools that yield more secure web applications especially in the agile software development environment. As a researcher he has keen interest in understanding and applying fundamental principles and known methodologies to develop dependable and secure software solutions. His interests extend to Social Engineering and Attack Surface Analysis. Bhushan worked at Hewlett-Packard for 13 years in various roles including software quality lead, engineer, software process architect, and software productivity manager. He then developed a strong interest in web application security while working as a quality engineer for Nike Inc. Bhushan has been studying various facets of web application security and promoting how to apply common sense approach to build secure solutions. He is a certified Six Sigma Black Belt (HP and ASQ) and an adjunct faculty member at the Oregon Institute of Technology in Software Engineering. To learn more about Bhushan’s contributions to SDLC, visit <a href="http://www.bgupta.com">www.bgupta.com</a></p> </div> <h3>Links</h3> <ul> <li><a class="url u-url" href="https://www.owasp.org/index.php/Portland">Website</a></li> </ul> </div>