OWASP Monthly Meeting - May 28, 2014

OWASP Los Angeles Chapter Board WINS Best Chapter Leader!

Join OWASP today and become a member  of our community.

Speaker: Robert Zigweid

Topic: Cloud Security Through Threat Modeling

One of the most effective tools developers can implement in their security development lifecycle programs is threat modeling. Robert will discuss how effective threat modeling techniques enable developers to uncover security vulnerabilities before code is even written. Together they will reveal how threat modeling also applies to cloud environments. Whether building a hybrid model, purely commodity cloud, or Virtual Private Cloud (VPC) environment, threat modeling helps identify the attack surface area and likely threat vectors. Finally, they will explain to attendees that threat modeling allows developers and operations personnel to address vulnerabilities as enterprises migrate to the cloud. 

Robert Zigweid

As an IOActive Director of Services, Robert Zigweid is responsible to both perform and ensure quality on engagements, working with clients to discover and solve network and application problems that threaten their business goals and assets. Mr. Zigweid is an accomplished developer and application tester, with advanced skills in the creation and analysis of systems architecture and threat modeling. 

In addition to his direct efforts on penetration tests, security reviews, and network and application audits, Mr. Zigweid frequently contributes to the advancement of more stable, secure systems through his research and development. His research and the resultant presentations at top industry conferences furthers the formal understanding of application and network security for audiences at varying levels of technical fluency.

Mr. Zigweid also helped develop IOActive's secure coding and Software Development Lifecycle training courses, sharing his deep understanding of industry best practices and guidelines to help our clients develop applications capable of resisting both internal and external threats.

Thanks to our Sponsor:

IOActive is the only security consultancy with a global presence and deep expertise that spans hardware, software, and wetware. We secure the Global 1000 in all facets of their enterprise and product portfolios in an era when vulnerabilities are mounting and threats evolve daily. Our team of internationally recognized experts partner with you to solve your toughest security challenges. Core competencies include penetration testing, reverse engineering, code review, social engineering, and hardware security assessments. With expertise far beyond off-the-shelf tools, IOActive conducts in-depth analysis of information systems, software/hardware architecture, and source code using leading information risk management security frameworks and carefully focused threat models. 

Join or login to comment.

  • Brad B.

    very great presentation

    May 29

  • Terence D.

    Great meeting with Robert Zigweid at the present. He talked about Threat Modeling in system development. His advice and insight seemed to be very practical. Robert let us interrupt at any time with questions. He handled all the questions well and then got right back on course with the presentation. There were a few Power Point glitches; however, we could talk us through the ideas even if Power Point was uncooperative. I liked the way he keep the whole presentation at a conversational level. He made it very easy for us to participate with questions. I learned a great deal and it was easy to follow his key points. All and all a great presentation.

    May 28

  • Chris C.

    Extremely informative and useful

    May 28

  • Richard G.

    Today the board released the OWASP Foundation worldwide annual report http://wiki.owasp.org/images/8/...­

    May 6

Our Sponsors


    Authentic8 puts you back in control.

  • Guidance Software

    Recognized worldwide as the industry leader in endpoint investigation

  • Check Point

    The worldwide leader in securing the Internet

  • WinMagic

    Makes it easy to secure data!

  • Whitehat Security

    End-to-end solutions for Web security.

  • ioActive

    IOActive security consultancy with global presence and deep expertise

  • Contrast Security

    Secure Apps at their Source.

  • Qualys

    QualysGuard Web Application Scanning (WAS)

  • Click below:


  • Cigital, Inc

    The world’s largest consulting firm specializing in software security

  • Trend Micro

    A global leader in security software

  • Checkmarx

    Ensures your application remains hacker-proof.

  • SecureAuth

    SecureAuth is a technology leader in enterprise identity governance.

  • Symantec Corporation

    Provide security, storage and systems management solutions

  • BeyondTrust

    The global leader in privileged identity and threat management solutions

  • Security Innovation

    The Application Security Company

  • Palo Alto Networks

    Their Next-Generation Firewall enables applications

  • Arxan Technologies

    Sharing thought leadership & best practices on mobile apps security

  • Bay Dynamics

    IT Analytics

  • Venafi

    Inventor and market leader: Enterprise Key & Certificate Management

  • Trustwave

    Simple solutions to your complex security and compliance challenges

  • Phone Factor

    Multi-factor authentication to protect against today's threats

  • GreenSQL

    Database Security and Compliance for EVERY organisation.

People in this
Meetup are also in:

Create a Meetup Group and meet new people

Get started Learn more

I started the group because there wasn't any other type of group like this. I've met some great folks in the group who have become close friends and have also met some amazing business owners.

Bill, started New York City Gay Craft Beer Lovers

Start your Meetup today

Act now and get 50% off.
Until February 1.

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy