San Jose

Next Meeting - Thursday, June 29, 2006
Open to the public, attendance is free

Agenda and Presentations: 6:00pm – 6:30pm     Check-in and reception (food & bev) 6:30pm – 6:40pm     Chapter announcements 6:40pm – 7:30pm     FoRMa for Secure Software Development, Kris Kahn, Seagate Technology 7:35pm – 8:25pm     JavaScript Attacks & Intranet Applications, Jeremiah Grossman, WhiteHat Security 8:30pm – 9:00pm     Open discussion & Networking

Venue: San Jose Hyatt (Airport) 1740 North First Street San Jose, CA 95112

Framework of Risk Management & Analysis (FoRMA) for Secure Software Development Presented by: Kris Kahn, Sr. Governance Analyst, Seagate Technology Abstract: We frequently apply Risk Management concepts in our daily lives, whether it’s driving in the rain on the freeway, or crossing a busy intersection. It comes down to making a choice, taking a calculated risk to reach our objective. We decide quickly, making assumptions about the threats and about our environment. The lessons we learn from our failures help us make wiser decisions next time, if we survive. Using a new Framework of Risk Management & Analysis (FoRMA) for Secure Software Development, we will be able to make better decisions by understanding our threats. FoRMA will help us ensure that we have the appropriate level of protection to maximize our business objectives, increasing quality and minimizing cost.

Bio: Kris Kahn, CISSP-ISSAP,ISSMP, CISA, OPSA, currently a Sr. Governance Analyst at Seagate Technology. Passionate about security for more than 15 years, also worked for companies in the San Francisco Bay Area that include Autodesk, and Best Internet Communications. A CISSP since 2001, his key contributions include firewall architectures, risk management models, security assessment methodologies, and security awareness training. Kris has expertise in offensive, defensive and governance facets of security.

Please RSVP to via email [brian.bertacini@owasp.org] or call 408-979-0571

This event is co-sponsored by AppSec Consulting, Inc. and WhiteHat Security, Inc.