Los Angeles

Local News
Please follow @appsec2010for the latest updates on AppSec USA 2010 conference.

http://www.AppSecUSA.org

Secure Coding Practices and Procedures, and Threat Modeling at Symantec
Meeting Location The Olympic Collection Banquet & Conference Center 11301 West Olympic Boulevard West Los Angeles, CA 90064 (310) 575-4585 Please RSVP via Eventbrite (http://owaspla.eventbrite.com/)

Description:

Description: Threat Modeling is one of the most important security activities that a development/QA team needs to perform as part of a Security Development Lifecycle. This activity allows the team to build a complete security profile of the system being built. Threat Modeling is not always easy to get going for a team that has little or no security experience. In this presentation we’ll take a look at why Threat Modeling is so important; we’ll explore the process behind it, and how the process is being implemented and followed across Symantec.

Speakers:  '''Mike O. Villegas, CISA, CISSP, GSEC, Director of Information Security, Newegg.com

'''Edward Bonver, CISSP, CSSLP, Principal Software Engineer, Product Security Symantec Corporation

Edward Bonver is a principal software engineer on the product security team, which is part of Symantec Research Labs under the Office of the CTO at Symantec Corporation. In this capacity, Edward is responsible for working with software developers and quality assurance (QA) professionals across Symantec to continuously enhance the company’s software security practices through the adoption of methodologies, procedures and tools for secure coding and security testing. Within Symantec, Edward teaches secure coding and security testing classes for Symantec engineers, and also leads the company’s QA Security Task Force, which he founded. Prior to joining Symantec, Edward held software engineering and QA roles at Digital Equipment Corporation, and small networking companies.

Edward is a Certified Information Systems Security Professional (CISSP), a Certified Secure Software Lifecycle Professional (CSSLP), and is a professional member of the Institute of Electrical and Electronics Engineers (IEEE) and the Association of Computing Machinery (ACM). He holds a masters degree in computer science from California State University, Northridge, and a bachelors degree in computer science from Rochester Institute of Technology. Edward is a Ph.D. student at NOVA Southeastern University.

= Would you like to speak at an OWASP Los Angeles Meeting? =

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to [mailto:tin.zaw@owasp.org Tin Zaw]. When we accept your talk, it will be required to use the Powerpoint OWASP Template.

= Archives of Previous Meetings =

A list of previous presentations conducted at the Los Angeles Chapter can be found here.

= Los Angeles Chapter =


 * [mailto:tin.zaw@owasp.org Tin Zaw] -- Chapter Leader and Chair
 * [mailto:cassio@owasp.org Cassio Goldschmidt] -- Board Member
 * [mailto:richard.greenberg@owasp.org Richard Greenberg] -- Board Member