AppSecUSA 2015 Blog (18)

News about OWASP’s Application Security USA 2015 (AppSecUSA)

OWASP Organizer Tells Obama How To Secure The Internet

Written by

In an open letter to President Obama, a member of the Open Web Application Security Project tells why pending legislation on threat-intel sharing doesn’t go far enough.

Dear President Obama,

Modern business has reached a point today that attackers can trigger serious security incidents and data breaches with minimal technical sophistication. Industry deploys countless security solutions but, application security liabilities at the root of the problem reside with the standards, frameworks and languages developers use to build complex software.

To read more the entire letter from Jim Manico go to Dark Reading.

4 Reasons To Attend OWASP’s Application Security Conference

Written by

Here are 4 reasons why AppSecUSA is the premier conference for CISO’s, developers, and security experts to discuss new approaches to secure web applications – September 22-25, 2015 in downtown San Francisco.

  1. TAKE A SELFIE WITH FACEBOOK’s NEW CSO, the Chief Cybersecurity Official at DHS, Microsoft’s MVP for Developer Security, and so many other web security visionaries from Cisco, Whitehat, RiskIQ, Salesforce, Docker, Adobe, Coinbase, Netflix, Thoughtworks, Linkedin, Fortify, HP, Checkmarx, Akamai, Denim Group, Yahoo, Aspect Security, Intuit, NCC Group, Prevoty, and more. Check out this list of speakers. What other conference offers selfies with Alex Stamos?
  2. GO OUT TO SEA WITH THE WORLD’S TOP CISO’S on our 2-hour dinner boat cruise around San Francisco Bay. Cruise is *included* in your conference ticket price. Check out these pictures of the ship – and don’t fear even if you’ve been seasick, this boat is so large that you won’t feel a thing. What other conference has a boat tour?
  1. GET A JOB IN SECURITY at the Career Fair – rub shoulders with recruiters and hiring managers from Netflix, Twitter, Airbnb, Palantir, Linkedin, Netsuite, Tableau, Macy’s, General Electric, Autodesk, 23andMe, MobileIron, and more. What other conference has all the best employers under one roof?
  1. GET ENLIGHTENED BY LIGHTNING TRAININGS with 1-hour sessions on immediately applicable security topics such as:
  • Getting Started with ModSecurity WAF
  • Security Testing for Enterprise Messaging Applications
  • The Bug Hunters Methodology
  • Protecting your Web Application with Content Security Policy

Check out this list of lightning trainings. What other conference is enlightening and lightning.

That’s my four reasons why AppSecUSA is the premier application security conference. Are you sold yet? I’m looking forward to seeing you September 22nd to 25th in San Francisco at OWASP AppSecUSA!

Hurry! Attendee space in the Hyatt Regency Hotel conference center is limited. Buy your ticket now before we sell out.

To see the original article go to LinkedIn Pulse.

OWASP Announces Final Agenda and Lightning Trainings for AppSec USA 2015 Conference

Written by


The Open Web Application Security Project (OWASP), the worldwide nonprofit organization focused on improving the security of software, today announced the final agenda for this year’s AppSec USA along with the addition of new Lightning Trainings that will enable attendees to learn about the latest in Web application security during short, daily sessions. The four-day conference in San Francisco will be the home to the world’s leading security experts in Web applications from Sept. 22-25 and will focus on new research on devops, cloud and application security.

See the conference agenda for more information.

Lightning Trainings Selected

Written by

Lightning trainings are one hour open source and free training sessions that run alongside the conference talks on Thursday, Sept 24 and Friday, Sept 25. Lightning trainings are included with general conference admission. The goal of lightening trainings is to teach the students a new skill within the one hour through hands-on exercises. The student should be able to setup any lab requirements ahead of the class using virtualbox (free download).

Lightning trainings have been selected and are now posted! You can find them all on the schedule.

3 Things To Know About OWASP AppSec USA 2015

Written by

Our nonprofit community with 200 chapters in more than 100 countries globally is deeply invested in enabling everyone to make informed security decisions by elevating the focus on software security. This mission is embodied in our largest outreach efforts—AppSec conferences—that disseminate security knowledge through technical talks, panels, hands-on training sessions, keynotes and more. With recent government breaches and the continued concern around user security and privacy, this years AppSec USA comes at the perfect time to address the most salient security issues today.  Here are a few things to expect at this year’s AppSec USA in San Francisco, Sept. 22-25.

Hands on Training

There is a massive shortfall in the industry for quality security engineers. Learn application security fundamentals from the best of the best to secure your organization through hands on training opportunities.

The trainings range from advanced android and iOS hands-on exploitation to a malware crash course that includes hands-on malware dissection, software debugging, malware analysis and more. In a time where security professionals are increasingly needed in the effort against cyber threats, everyone from developers to incident responders need to stay up-to-date on the latest threats and the best practices and tools needed to keep systems safe.

Listen, Learn, Discuss

Learn, listen and discuss about pertinent, cutting edge security topics like how to address cloud security for your applications, how to handle security at scale and about real-time event detection and response. Experts from security companies like WhiteHat,  iSec Partners and Denim Group; technology providers such as Docker and Akami; and enterprise security teams like Netflix, Salesforce and LinkedIn will all cover a variety of security topics and enable discussions to address security experts’ burning questions. Additionally, learn about the state of security, its most pressing issues and what it will take to secure them from keynote speakers like Facebook  CISO Alex Stamos, Microsoft MVP Troy Hunt, Chief Cybersecurity Official of DHS Dr. Phyllis Schneck and more.

Build Your Network, Find the Right Talent

A crucial aspect to any conference, network and connect with the brightest security minds in the world at the most concentrated event for application security. Discuss the leading topics with people from all parts of the security process including software developers, information security professionals, incident responders, computer security researchers, and corporate investigators.

Hiring? Job searching? AppSec USA also provides the opportunity to network with a wide range of security professionals and find your next gig or next great hire at our career fair. Some of the hottest companies will be participating including Netflix, Twitter, Airbnb, Palantir, LinkedIn, NetSuite, MobileIron, and Tableau.

Don’t miss out on the opportunity to connect and participate in what easily is the most important topic in tech today, security.

OWASP AppSecUSA – the largest application security conference in the world.Don’t miss out!

To see the original article go to LinkedIn Pulse.

DHS Chief Cybersecurity Officer To Be Keynote Speaker

Written by

Screen Shot 2015-07-30 at 11.52.07 AM

The Open Web Application Security Project (OWASP), the worldwide nonprofit organization focused on improving the security of software, today announced deputy under secretary for cybersecurity for the National Protection and Programs Directorate (NPPD), the chief cybersecurity official for the U.S. Department of Homeland Security (DHS), Phyllis Schneck as the third keynote for AppSec USA 2015. The four-day security conference in San Francisco focuses on new research in application, DevOps and cloud security that will be the home for the world’s leading experts in Web applications from Sept. 22-25. Schneck will speak on the security landscape facing Web applications today as well as what both businesses and the government are planning and doing to keep their assets safe.

Learn more by reading the press release.

Facebook CSO, and Microsoft MVP To Be Keynote Speakers

Written by

Screen Shot 2015-07-30 at 11.50.19 AM

[UPDATE] Alex Stamos is now the CSO of Facebook, formerly the CISO of Yahoo. This blog article is updated but the linked press release below reflects his former title.

The Open Web Application Security Project (OWASP), the worldwide nonprofit organization focused on improving the security of software, today announced Facebook CSO Alex Stamos and Microsoft MVP Troy Hunt as the first two keynotes for AppSec USA 2015. The four-day security conference in San Francisco on Sept. 22-25, 2015 is where experts gather to discuss new research in application, DevOps and cloud security.

Check the press release to learn more.