OWASP San Antonio: Next Meeting October 21st, 2009

San Antonio OWASP Chapter: October 21, 2009

Topic: Rolling Out an Enterprise Source Code Review Program

Presenter: Dan Cornell, Principal at Denim Group

Date: October 21, 2009 11:30 a.m. – 1:00 p.m.

Location:

San Antonio Technology Center (Web Room)

3463 Magic Drive

San Antonio, TX 78229


Abstract:

Source code review technology has rapidly advanced over the past several years and offers great promise of helping organizations detect and address software security defects. However, many organizations stumble as they try to roll out these technologies because they fail to understand the people and process issues that must also be addressed. This talk will present lessons learned from the creation of several enterprise source code review programs, including: identifying all sources of custom code in an organization, including custom extensions to ERP systems and enterprise portals; selecting the first round of applications to scan; and successfully interpreting results and driving resolution to identified issues.

 

Presenter Bio:

Dan Cornell has over ten years of experience architecting and developing web-based software systems. As CTO of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.

 

Dan Cornell has performed as the CTO of BrandDefense, as founder and Vice President of Engineering for Atension prior to its acquisition by Rare Medium, Inc. and as the Vice President, Global Competency Leader for Rare Medium’s Java and Unix Competency Center. Cornell has also developed simulation applications for the Air Force with Southwest Research Institute.

 

Dan was the founding coordinator and chairman for the Java Users Group of San Antonio (JUGSA) and is currently the chapter leader of the San Antonio chapter of the Open Web Application Security Project (OWASP). He is a recognized expert in the area of web application security for SearchSoftwareQuality.com and the primary author of Sprajax, Denim Group’s open source tool for assessing the security of AJAX-enabled web applications.

 

Sodas and snacks will be provided.  Feel free to bring a brown-bag lunch.

 

Please RSVP: E-mail owasprsvp@denimgroup.com or call (210) 572-4400.


About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.