Name: OWASP LA Monthly In-Person Meeting - JUN 28, 2023
Start: 2023-06-28T17:30:00-07:00
End: 2023-06-28T20:30:00-07:00
Location: Lawrence Harvey Recruitment Los Angeles

**TOPIC**: Security Architecture - What is it? How to Deploy it
Join us for great networking, dinner and drinks, and see a presentation by **Miguel (Mike) O. Villegas**, President and Founder of iSecurePrivacy, LLC.

**ABSTRACT**: Security Architecture is a security design that addresses the technology goals, approaches, controls, and potential for the enterprise. It also specifies when and where to apply security controls. This discussion starts from the enterprise perspective using SABSA (Sherwood Applied Business Security Architecture). It then introduces COBIT, from ISACA, which is a framework that focuses on the governance and management of enterprise IT. TOGAF (The Open Group Architecture Framework) aligns security with business needs. Then there is the OWASP SAMM (Software Assurance Maturity Model) that is a framework for helping organizations analyze their current software security practices in the development of new applications. Within these four security architectures, we will also talk about some software secure coding standards such as (PCI Software Security Framework, SEI CERT Coding Standards, NIST SSDF, Microsoft Secure Coding Guidelines , and OWASP Secure Coding Practices). These standards are important, but they need to be based on meeting the business strategic objectives, business model, and business needs. That is what security architectures provide.

**Thanks to our Sponsor**: *[Prisma Cloud](http://clicks.meetup.com/ls/click?upn=XbaZ37larFA-2FuV5MohrYpTvD1J2bsxCjJbCKpoUGcPX3ewIL6pwqLwS8EmLCqWDu56u15chieLBwkLYUA-2BE3hQ-3D-3DM8gd_WM5sMlpZkKyL6J3f7XI96QGBrITe-2BRJXXCpWUxw24IDDJ89Oqk7zfAbTXIJvn2-2FXExV79iHLnHjn7YCOgznKPut0-2BHcpkVsng4o0CxUdl9nQsnzg-2Bloz0CMWkwupp2HtjKPiDSvQZwdrTjUDs15rvHvPz1z7RVyL9onv1xb5iitljbKVZq2I2awg-2BiKK-2FO4xm-2F7b-2BkA-2BQJJN7g9Um9Q7lgcHxH4jIrpN2r0Jf8HFJ6z-2Bii1KFxC1p3R7-2FnuS7iUxRQ40AE6YZNM5GF1LSuvn7nG8AAHA1oQ3rHNeY-2BIglNtL-2FuHNnA6edfQg33XpsvDs0KVXCvQbFcIwMPKGJhP-2FQjWgzviLb9Sv9L7z8tuMSg141AiTKEIzFxjbFPFonSyu8T-2F0i655p9hGcgw2Nefyt60A3pLHfFSY157LAcY-2F0Ro0LF8dlzXqA3oqIUDHH5JcSXVFZlNK8ap69n5rU-2FnfzOzJ7jr47ZbylzeolniAERlS8PiQaTYAgCaZp4-2Fqt7KV9XadFCkcGd3A86D576KfSsVJ6WkzxblmlesVuPBv6nIB2avLDPLnMiWgBx9gdvvti-2BQ-2Beowt1Vs-2FL3e5C8NqOVOFn12N7HPVmtfoFrZoArgFEhdE8pC-2BOAupVJyUbm9YWZzlFuY-2Fgyrxt6jpL10e-2BtWPNaXFwfsa5HxfUtDuwZUo5Hp-2BiKjCAyITVwkEQOa1)*
*The Most Complete Cloud-Native Application Protection Platform (CNAPP). Prisma Cloud secures applications from code to cloud, enabling security and DevOps teams to effectively collaborate to accelerate secure cloud-native application development and deployment.*

**SPONSOR Opportunities Available**
*Vendors interested in sponsoring send an email to sponsorship.la@owasp.org*

Edmond Momartin

OWASP Los Angeles

OWASP® Foundation 

OWASP - LA

Wallarn

Application Detection and Response for Modern Enterprises

Contrast Security

Helping AppSec Teams Make Security a Priority

Kodem

AppSec made simple pipelineless detection and secret mitigation.

Arnica

Secure open source software without the dev productivity tax

Endor Labs

DefectDojo is the platform and product that enables scalable security

DefectDojo

One platform to connect all edges, everywhere

Cato Networks

Securing the Applications Driving Our World

Checkmax

equips your dev and security teams with tools to build a mature AppSec

Mend io

Technology

Ethical Hacking

Mobile Development

Web Design

Web Security

Software Development

Web Technology

OWASP

Computer Security

Information Technology

Open Source

IT Professionals

Information Security

Web Development

Web Application Security

Application Security

**Miguel (Mike) O. Villegas** is the President and Founder of iSecurePrivacy, LLC. His is currently CISO for TRISTAR Insurance Group, the largest privately owned Third-Party Administrator (TPA) in USA. He is also current CTO for Xahive, a cybersecurity software firm specializing in security awareness training and compliance software.  He was previously SVP for K3DES, LLC., Director of Information Security at Newegg, Inc., and Contributing Writer for SearchSecurity.com -TechTarget with over 150 articles.
 
He has over 35 years of Information Systems Security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services responsible for IT Regulatory Compliance and was also a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years.
 
Mike was president of the LA ISACA Chapter during 2010\-2012 and president of the SF ISACA Chapter during 2005\-2006\. He was the SF Fall Conference Co\-Chair from 2002–2007 and served two years as Vice President on the Board of Directors for ISACA International\. He is a CISA\, CISSP\, CDPSE\, CEH\, CSX\|F\, CSX\|A\, PCI\-QSA\, and ISO/IEC Lead Implementer\.  As of February 1\, 2023\, he has fifteen \(15\) years experience as a PCI QSA\, PA\-QSA and three \(3\) years experience as a PCI SSF Assessor\.  Mike is Certification Chair for the ISACA LA Chapter and has taught CISA review courses for over 25 years\.

OWASP Los Angeles

OWASP - LA

Wallarn

Contrast Security

Kodem

Arnica

Endor Labs

DefectDojo

Cato Networks

Checkmax

Mend io

OWASP LA Monthly In-Person Meeting - JUN 28, 2023

OWASP Los Angeles

Details

Sponsors

OWASP - LA

Wallarn

Contrast Security

Kodem

Arnica

Endor Labs

DefectDojo

Cato Networks

Checkmax

Mend io

Members are also interested in