OWASP AppSec India Conference 2008 AppSec For Managers

Summary
Most of the current effort in Application Security is directed towards securing applications after deployment to production. In an ideal environment however, security is at the forefront of daily operations, saving an organization time and money. This course aims to make this a reality by teaching executives and information security managers their important role in Application Security, giving them a general understanding of the threat landscape, and outlining the controls they may use to start or enhance their current Application Security Program. A major case study and various demonstration based components are used to guide students in understanding their role and how they can improve their organization's overall security posture.

Course Overview
Part 1 : Application Security - The Threat Landscape Part 2 : Application Security - Architecture & Security Principles Part 3 : Secure SDLC

Students who take this course will be able to
* Understand the threat landscape in application security * Acquire the toolset required for securing and assessing their applications * Learn aspects of Secure SDLC * Be able to articulate a plan to start an Application Security Program * Learn metrics to aid in assessing organization's application security posture * Be able to confidently promote application security throughout the organization

Who Should Attend
* CISO's and CSO's   * Information security managers * Introduction to concepts of Application Security * Designated security experts * Anyone with a desire to understand application security

About Instructor
Jason is a Senior Application Security Engineer at Aspect Security during which time he has performed code reviews, penetration testing and training at a variety of financial, commercial, and government institutions. He is a certified GIAC Secure Software Programmer in Java and before joining Aspect, he was a Java Software Developer and a Java course instructor for Johns Hopkins University. He is currently working on the OWASP UI Verification Project and along with Arshan Dabirsiaghi, he is a core developer of the OWASP AntiSamy Project. Jason received his Post-Master's in Computer Science with a concentration in Information Security from Johns Hopkins University and both his Master's and B.S in Computer Science from Cornell University.