OWASP Los Angeles

TOPIC: Security Architecture - What is it? How to Deploy it
Join us for great networking, dinner and drinks, and see a presentation by President and Founder of iSecurePrivacy, LLC.

ABSTRACT: Security Architecture is a security design that addresses the technology goals, approaches, controls, and potential for the enterprise. It also specifies when and where to apply security controls. This discussion starts from the enterprise perspective using SABSA (Sherwood Applied Business Security Architecture). It then introduces COBIT, from ISACA, which is a framework that focuses on the governance and management of enterprise IT. TOGAF (The Open Group Architecture Framework) aligns security with business needs. Then there is the OWASP SAMM (Software Assurance Maturity Model) that is a framework for helping organizations analyze their current software security practices in the development of new applications. Within these four security architectures, we will also talk about some software secure coding standards such as (PCI Software Security Framework, SEI CERT Coding Standards, NIST SSDF, Microsoft Secure Coding Guidelines , and OWASP Secure Coding Practices). These standards are important, but they need to be based on meeting the business strategic objectives, business model, and business needs. That is what security architectures provide.

Thanks to our Sponsor: Prisma Cloud
The Most Complete Cloud-Native Application Protection Platform (CNAPP). Prisma Cloud secures applications from code to cloud, enabling security and DevOps teams to effectively collaborate to accelerate secure cloud-native application development and deployment.

SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to [masked]

CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy

TOPIC: Anatomy of a Breach: Dissecting Cloud Security

Join us for great networking, dinner and drinks, and see a presentation by John Heenan, Cloud Security Solutions Architect, Palo Alto Networks.

ABSTRACT: Cloud security presents unique challenges. As enterprises continue to move to the cloud, security practitioners face new threats and paradigms. In this session, we’ll forensically reconstruct major cloud-centric breaches and step through them, building an understanding of what happened, how it happened, and developing key takeaways to help secure our own infrastructure, especially in AWS, Azure, and GCP.

SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to [masked]

CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy