Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence

From OWASP
Revision as of 21:51, 19 August 2009 by Mark.bristow (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The presentation

Owasp logo normal.jpg
Leader of GE Corporate cross-business, company-wide Application Security Program, Darren Challey, will share how, with the help of Softtek, GE has established a holistic application security program that seeks to detect, correct and prevent security defects throughout the application lifecycle. The program's "Center of Excellence", focused on finding defects early and fixing the root cause, has assessed several thousand applications across different GE business units, observing significant improvements in application security over the past years.

The speaker

Darren Challey currently holds the position of GE Application Security Leader. He leads and maintains a cross-business, company-wide "AppSec Working Group" and is in charge of establishing policies, procedures and best practices, providing guidance, services and tools. Prior to his current role, Darren has occupied several positions at different GE businesses, including: IT Controller at GE Corporate; IT Sarbanes-Oxley Leader, Six Sigma Black Belt and Web Master & Program Manager at GE Commercial Finance; and Electrical, Mechanical & Nuclear Engineer at GE Energy. After earning his BS degree in Mechanical Engineering from Union College, Darren received a Masters in Engineering, Computer Systems at Rensselaer Polytechnic Institute. Mr. Challey is a Certified Information Systems Auditor (CISA) as well as a Certified Information Systems Security Professional (CISSP).