October 6th in NY @ Pace University 12-3pm One Pace Plaza, Multi-Purpose Room New York, NY 10038
On the agenda will be project updates underway locally and around the world from the active chapter leaders and guest speakers
Secure Web Development Teaching Modules - Li-Chiou Chen - Pace University
Abstract -This talk will introduce SWEET (Secure WEb dEvelopment Teaching), a set of portable teaching modules in secure web development. The purpose of the SWEET project is to enhance the learning experience of computing students through portable teaching modules and environment in secure web development. Each SWEET teaching module or tutorial includes concepts in a nutshell along with structured laboratory exercises that illustrate these concepts. SWEET laboratory exercises are built upon a pre-configured VMware virtual machine running Ubuntu Linux. The virtual machine is pre-installed with open source web applications and web security tools, including OWASP’s WebGoat and ZAP.
Database Security, Risk, and Compliance In the Cloud - Rich Tsai - Application Security, Inc.
Abstract -In their research document “The Cloud Wars: $100+ billion at Stake,”[i] Merrill Lynch predicted the cloud computing market will reach $160 billion in revenue this year. Some say that the unprecedented hype surrounding this new paradigm stems from the disruptive departure cloud computing represents from traditional computing and operational processes. Cloud computing offers important on-demand computing benefits including pay-as-you-go and self-service where capacity is elastic and applications are deployed without regard to underlying architecture. Discussed during this presentation will be measures to ensure security is properly executed, control over data access in place, compliance is minded, and expectations are appropriately set.
When Databases Attack - Scott Sutherland - NetSPI
Abstract -It is well understood that high value databases support critical applications and store sensitive information, but they can also be used to escalate privileges in Windows environments and propagate botnets across the internet. This presentation will provide developers and system administrators with a better understanding of how those attacks are conducted.
RSVP Requested: https://www.owasp.org/index.php/NYNJMetro