BEGIN:VCALENDAR PRODID;X-RICAL-TZSOURCE=TZINFO:-//Calagator//EN CALSCALE:GREGORIAN X-WR-CALNAME:Calagator METHOD:PUBLISH VERSION:2.0 BEGIN:VTIMEZONE TZID;X-RICAL-TZSOURCE=TZINFO:America/Los_Angeles BEGIN:DAYLIGHT DTSTART:20190310T020000 RDATE:20190310T020000 TZOFFSETFROM:-0800 TZOFFSETTO:-0700 TZNAME:PDT END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT CREATED;VALUE=DATE-TIME:20190603T162138Z DTEND;TZID=America/Los_Angeles;VALUE=DATE-TIME:20190619T200000 DTSTART;TZID=America/Los_Angeles;VALUE=DATE-TIME:20190619T180000 DTSTAMP;VALUE=DATE-TIME:20190603T162138Z LAST-MODIFIED;VALUE=DATE-TIME:20190603T162138Z UID:http://calagator.org/events/1250475700 DESCRIPTION:Web Application Security spreads over the application functio nality\, the platform it is running on\, the development and deployment environment\, third-party applications used\, and last but not least\, t he open source code it utilizes. The requirements breadth is mind-boggli ng. You ignore any of these aspects and you become vulnerable. \;\n&# 13\;\nThis talk will discuss a structured approach to establish essentia l security requirements based on the CIA triad. The discussion will then expand over how these requirements manifest in the industry standards such as PCI\, Government agencies\, and globally. It will also delve int o third party and open source code scenarios. The audience will take ho me a checklist of different aspects of security requirements to consider when building a Web application. \;\n \;\nBio: Bhushan Gupta\, G upta Consulting\, LLC. \;\n \;\nProven champion for quality and we ll-versed with software quality engineering\, and an AppSec researcher\, Bhushan is the principal consultant at Gupta Consulting\, LLC. A Certif ied Six Sigma Black Belt (ASQ)\, he possesses deep and broad experience in solving complex problems\, change management\, and coaching and mento ring. As a member of Open Web Application Security Project (OWASP)\, he is dedicated to driving the AppSec to higher levels via integration of s ecurity into Agile software development life cycle. His research areas a re: elicitation of security requirements\, comprehensive testing approac hes beyond penetration testing\, application of test tools and use of AI (Machine Learning) in secure web application development. \;\n \; \nBhushan has a MS in Computer Science (1985) from New Mexico Tech and h as worked at Hewlett-Packard and Nike Inc. in various roles. He was a fa culty member at the Oregon Institute of Technology\, Software Engineerin g department\, from 1985 to 1995 and is currently an Adjunct Faculty mem ber.\n\nTags: AppSec\, owasp\, security\n\nImported from: http://calagat or.org/events/1250475700 URL:https://www.meetup.com/OWASP-Portland-Chapter/events/261650911/ SUMMARY:Portland OWASP - Security Requirement Elicitation with Bhushan Gu pta LOCATION:CloudBolt Software: 531 SE 14th Ave Suite 106\, Portland OR 9721 4 US SEQUENCE:1 END:VEVENT END:VCALENDAR