Pilot Cambridge WebAppSec Mini Conference 2012

The Department of Computing & Technology, Anglia Ruskin University and OWASP (Open Web Application Security Project) would like to invite you to attend a free mini conference on Web Application Security in Cambridge on Tuesday 28th February 2012 4 – 8pm, entitled

Building in Security for Application Development

Tuesday 28 February 2012

Hosted by the Department of Computing &amp; Technology, Anglia Ruskin University and OWASP (Open Web Application Security Project)

The Department of Computing & Technology at Anglia Ruskin University in partnership with OWASP is looking to establish a joint professional networking group and local chapter in the Cambridge/East Anglia region concentrating on aspects of computing and application security as a key part of both organisations drive to promote the importance of including security withoin application development.

In addition, the establishment of a local Information Security Student Society affilated to OWASP isa primary aim as well.

Guest speakers: Dennis Groves: Dennis is the co-founder of OWASP. He is a well known thought leader in application security who's work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway. He is currently an expert for the UK mirror of ISO subcommittee 27, WG4.

Fabio Cerullo: Fabio is currently working as an Information Security Specialist at AIB Bank (Dublin, Ireland). His tasks include performing risk analysis, assessing the security of web applications developed internally or purchased from third parties, define policies and standards on secure coding, as well as providing training on web application security to developers, auditors, executives and security professionals. As a member of the OWASP organization, Fabio is part of Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, he also coordinates international conferences around this topic, and since early 2010 has been appointed chairman of OWASP Chapter in Ireland. He has been granted the CISSP certificate by (ISC) 2 back in 2006.

Colin Watson: Colin is the Technical Director for Watson Hall Ltd, an application security consultancy providing services such as application defence, web application risk management, secure software development lifecycle, online and web project security &amp; privacy policies, He writes a less-technical blog aimed at website designers, developers and owners called Web Security, Usability and Design and tweet occasionally as Clerkendweller. Colin also serves as a Global Industry Committee Member for the OWASP Foundation.

Tackling today's security challenges now far exceeds the "we've got a firewall connected to the Internet so we're covered" fallacy. Increasingly the most critical areas of vulnerability and weakness have become the web application server and client. Protecting corporate and personal data has never been more crucial with the increasing trend towards mandatory public disclosure of 'lost' data and the ever increasing loss of reputation, regulatory penalties and litigation from victims.

Developing secure code is the most effective method of securing an organisations web applications which results in a more stable and robust application and assists in protecting an organisations brand. However the ability to develop this code takes additional skill and know-how which traditionally has not commonly formed part of many computer science curricula and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training

OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Their mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.  A selection of OWASP's latest project and methodologies are being presented during the sessions.

The Department of Computing &amp; Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop a local Information Security Student Society.

Agenda 

4.30pm - 5.00pm Welcome and introductions, Adrian Winckles, Senior Lecturer, Information Security &amp; Forensic Computing. 5.00pm - 5.30pm Dennis Groves, Introduction to OWASP and Application Security 02 Project Framework 5.30pm - 6.30pm Fabio Cerullo, Open Software Assurance Maturity Model and Enterprise Security API 6.30pm - 7.00pm Colin Watson, AppSensor Project - Intrusion Detection 7.00pm - 8.00pm Informal drinks and networking  

 Registration Register for this event online.

Loation The conference will be held in the Lord Ashcroft Building, Room 002 (Breakout Room 006 for networking &amp; refreshments).

Please enter through the Helmore Building and ask at reception.

Anglia Ruskin University Cambridge Campus East Road Cambridge Cambs CB1 1PT

Get further information on travelling to the university. </a>