[SASAG] Fwd: [Owasp-seattle] Next OWASP Seattle Meeting - 4/28 @ 6:30PM

Bill Levering idbill at planx.com
Wed Apr 22 14:10:44 PDT 2009

For those who don't know OWASP - the free and open application  
security community:


Begin forwarded message:

> Hi,
> 	So, after a lengthy delay we have lined up some speakers, reserved  
> the room and set the date for the next OWASP Seattle chapter  
> meeting.  As always there will be food, grog (e.g. beer, pop and  
> water) here is the pertinent information:
> Date: 4/28/2009 (that is next Tuesday)
> Time: 6:30PM ish
> Location: Las Margaritas in Bellevue (437 108th Ave NW Bellevue, WA  
> 98004)
> 	If you could please RSVP to me so I can know roughly how many  
> people are going to show I would greatly appreciate it.
> 	Last but not least here is the speaker line-up:
> <speakers>
> Securing our Legacy
> Responding to the call to provide practical security assurance
> Scott Stender
> Partner, iSEC Partners,  Inc.
> Every few months witnesses the release of a much-hailed report from  
> an industry organization, think tank, or government agency calling  
> for the software that runs our critical infrastructure to be  
> secured.   Making the call is easy, acting on it is only slightly  
> harder, but succeeding at it is incredibly difficult.
> Of all of the tasks that must be undertaken to truly meet the call,  
> the single biggest challenge I have seen companies face is  
> delivering security assurance on legacy code.  This talk will  
> explore the challenge of providing security assurance for these old,  
> little-loved, but heroic systems that power our lives.   More  
> importantly, It will include guidance for software development  
> managers and engineers seeking to gain insight into the operation of  
> their legacy systems, mechanisms by which important security  
> assertions can be gathered, and practical methods for carrying out  
> penetration tests and code reviews with the aim of providing a high  
> degree of security assurance.
> Scott Stender is a co-founder and Partner of iSEC Partners, a  
> strategic digital security organization. Scott brings with him  
> several years of experience in large-scale software development and  
> security consulting, having worked at  @stake and Microsoft in  
> previous lives.
> In his research, Scott focuses on secure software engineering  
> methodology and analysis of core technologies. Scott has been  
> published in publications such as IEEE Security & Privacy, and has  
> presented at Microsoft Blue Hat and at Black Hat conferences on  
> several occasions. Scott holds a BS in Computer Engineering from the  
> University of Notre Dame.
> Application Issues with encryption of PANs.
> Ashok Misra
> Sr. Manager Paymens & Security, Real Networks
> There are unique application issues related to the storage and  
> processing of credit card numbers for ecommerce transaction  
> processing. This talk focuses on issues with the various  
> cryptographic primitives used for PANs.
> Ashok Misra is an Ecommerce professional with more than 10 years  
> experience delivering results for leading ecommerce merchants.
> He is currently Sr. Manager Payments & Security in the Media  
> Applications Platform Development Division for e-Commerce products  
> for Real Networks, Inc in Seattle, Washington. He brings an  
> unusually comprehensive insight into security and payments processing.
> Ashok is responsible for the Billing for Real’s Consumer Divisions.  
> He takes a leadership role in identifying new opportunities in the  
> consumer payments domain. He has extensive hands on experience in  
> merchant integration with several leading payment providers.
> Prior to working with Real Networks he built backend components for  
> ecommerce for Amazon.com.
> He has comprehensive domain knowledge in consumer payments over the  
> internet with Credit Cards, EU Direct Debit , Real time Bank  
> Transfers , Redirect Payment Instruments, Fraud Detection and PCI  
> Compliance.
> </speakers>
> I hope to see y'all there and if you could let me know you are  
> coming that would be cool :).
> Thanks,
> Mike de Libero & Scott Stende
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sasag.org/pipermail/members/attachments/20090422/8c632254/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part
URL: <http://lists.sasag.org/pipermail/members/attachments/20090422/8c632254/attachment.bin>

More information about the Members mailing list