• Presentations
• Articles

Presentations

Application Security: Static Analysis, Dynamic Analysis and How to Use Them Together - Recent Object-Oriented Trends (ROOTs Conference), Bergen Kongressenter, Norway, April 29, 2008

Securing the SDLC: A Case Study (PDF format) - Texas Regional Infrastructure Security Conference (TRISC), San Antonio, April 22, 2008

Static Analysis Techniques for Testing Application Security (PDF format) - OWASP, Austin, March 25, 2008

Static Analysis Techniques for Testing Application Security (PDF format) - OWASP, San Antonio, January 31, 2008

Threat Modeling for the Masses: Threat Modeling Applied (WMV format) - Part 2 of Webinar Series, November 27th, 2007

Threat Modeling for the Masses: Basic Threat Modeling (WMV format) - Part 1 of Webinar Series, November 13th, 2007

Top Two Application Security Scanner Companies Get Acquired: The Fallout and Industry Reaction (WMV format) - Webinar, September 5th, 2007

Web 2.0 and AJAX Security - OWASP, Montgomery, Alabama, August 21st, 2007

Agile and Secure: Can We Be Both (PDF format) - Association of Information Technology Professionals (AITP), San Antonio, August 15th, 2007

Cross Site Request Forgery (CSRF) (PDF format) - OWASP, Austin, July 31st, 2007

Agile and Secure: Can We Be Both? (PDF format) - OWASP, Chicago, June 20th, 2007

Threat Modeling: A Secure Development Tool for Security Professionals (PDF format) - ISSA, San Diego, June 20th, 2007

Agile and Secure: Can We Be Both? (PDF format) - Java Users Group, Chicago, June 19th, 2007

Agile and Secure: Can We Be Both? (PDF format) - SASPIN, San Antonio, June 13th, 2007

Web 2.0 Security (PDF format) - OWASP, Houston, Texas, June 5, 2007

OWASP Top Ten: Evolution from 2004 to 2007 (PDF format) - Internal Denim Group Briefing

Web 2.0 Security (PDF format) - Web Services Security Conference, Baltimore, Maryland, May 9th, 2007

Web Application Remediation (PDF format) - OWASP San Antonio, March 28th, 2007

Web 2.0 Security (PDF format) - AJAXWorld 2007, New York City, NY, March 21st, 2007

Threat Modeling (PDF format) - OWASP, Austin, Texas, October 31st, 2006

Using Sprajax to Test AJAX Security (PDF format)- OWASP AppSec 2006, Seattle, WA, October 16th, 2006

Agile and Secure: Can We Be Both? (PDF format) - OWASP AppSec 2006, Seattle, WA, October 16th, 2006

Introduction to Web Application Security (PDF format) - Microsoft CSP Roundtable - Houston, Texas, September 13th, 2006

AJAX Security - Here We Go Again (PDF format) - OWASP Austin, Texas, August 29th, 2006

Turning the Battleship - How to Build Secure Software in Large Organizations (PDF format) - ISACA North Dallas, May 11th, 2006

The Second Most Secure Database (PDF format) - ISACA North Dallas, May 11th, 2006

AJAX Security: Here We Go Again (introduces Sprajax, AJAX security assessment tool) (PDF format) - OWASP San Antonio, April 19th, 2006

Business Intelligence: Real ROI Using the Microsoft Business Intelligence Platform (PDF format) - Microsoft Houston Office, Houston, Texas, April 6th, 2006

Building Solutions with SharePoint Technologies (PDF format) - Technology Advocates of San Antonio, March 15th, 2006

An Introduction to Application Security in ASP.NET Environments (PDF format) - Houston .NET User Group, February 23rd, 2006

The Second Most Secure Database (PDF format) - OWASP San Antonio, February 16th, 2006

Data Strategies for Growing Companies: Moving Beyond Access and Excel (PDF format) - Seminar: Data Strategies for Growning Companies, Double Tree Hotel, San Antonio, Texas, November 30th, 2005

Introduction to Application Security (PDF format) - Double Tree Hotel, San Antonio, Texas, November 11th, 2005

Building Solutions with SharePoint Technologies (PDF format) - Sharepoint Seminar, November 4th, 2005
Watch Video

How to Build a Trusted Application (PDF format) - Dallas ISSA, October 20th, 2005

Introduction to Application Security (PDF format) - River Oaks Country Club, Houston, Texas, October 19th, 2005

Building Solutions with SharePoint Technologies (PDF format) - Sharepoint Seminar, August 31st, 2005

Threat Modeling - Categorizing the Nature and Severity of Application Vulnerabilities (PDF format) - OWASP San Antonio, August 18, 2005

Threat Modeling - Categorizing the Nature and Severity of Application Vulnerabilities (PDF format) - Alamo ISSA, August 16th, 2005

An Introduction to Application Security in J2EE Environments (PDF format) - Dallas Java Metroplex Users Group, March 9th, 2005

Application Security and the SDLC (PDF format) - San Antonio Software Process Improvement Network (SA-SPIN) September 8th, 2004

Custom Application Security (PDF format) - ISACA Houston, July 2004

Application Security and the SDLC (PDF format) - San Antonio Software Process Improvement Network (SA-SPIN) June 9th, 2004