
Virtual Application Security Track at TRISC


There isn’t a formal application security track at TRISC (yet!), so I thought I would put together a list of the application security-focused talks.

Please be sure to check out John Dickson’s talk Tuesday at 1:45 in the Amphitheatre titled “The Permanent Campaign: Driving a Secure Software Initiative” and also check out my talk on “Securing SharePoint” Tuesday at 3:15 in Ballroom B.


  • 1:00: Ballroom A: Rohyt Belani – Phishing 2.0, Ballroom B: David Lissberger – Hacking Through a Firewall
  • 2:00: Ballroom B: Josh Sokol – Using Proxies to Secure Applications and More
  • 3:15: Ballroom B: Robert Hansen & Rob MacDougal – Assessing Your Web App Manually Without Hacking It


  • 8:30: Keynote: Johnny Long
  • 12:45: Ballroom A: Trey Ford – Top Website Vulnerabilities: Trends, Business Effects, How To Fight Them, Ballroom B: Mano Paul – Web 0wn3d (OWASP Top 10) In Depth & Demonstrated
  • 1:45: Amphitheater: John Dickson – The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise, Ballroom B: Matt Tesauro – OWASP Live CD: An Open Environment for Web Application Security
  • 3:15: Ballroom B: Dan Cornell – Securing SharePoint
  • 4:15: Ballroom A: Joseph Krull – PCI Compliance – Convert Drudgery Into a Powerful Security Framework, Ballroom B: Erhan Kartaltepe & Ravi Ganesan – A New Standard for Establishing Trust in Cross Domain XHR

As I have mentioned before, OWASP members get a $100 discount on TRISC 2009 attendance. Seeing as how OWASP membership now costs $50, that is a great deal. Bailout! Contact me for more specific info. For OWASP San Antonio we will be treating TRISC as our March meeting (regular meetings to resume in April).

TRISC website:
OWASP Membership Website:

dan _at_

About Dan Cornell


A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.