tssci security

Desert Code Camp

For those living in Phoenix, Desert Code Camp is upon us. All morning and afternoon on Saturday, September 15 will be full of sessions that are all about code. My friend Adam Muntner (founder of QuietMove and contributor to Security Catalyst) will be presenting three sessions on information security. They are:

Achieving PCI Compliance Payment Card Industry Data Security Standards, also knowns as PCI DSS, are a set of regulations governing how payment card data can be stored, processed, and transmitted. The presenter will share his experiences in helping organizations ranging from small ecommerce development shops to the Fortune 1000 to achieve and maintain PCI compliance.

Security in the Software Development Lifecycle Adam Muntner will share his experiences about how organizations can integrate application security into all phases of the Software Development Life Cycle, from the creation of functional specifications all the way through development, deployment, maintenance, and updates. He will explain how to "bake security in" rather than "ice it on."

Web Application Hacking - Attack and Defense Recognizing the competitive advantage of speed to market, organizations are under pressure to develop and deploy applications as rapidly as possible. According to Gartner Group, 75% of attacks are now focused against the application layer. The combination of rapid development deadlines with the most targeted attack vector often leads to insufficient security analysis, testing, and validation through the entire software development lifecycle. The results are predictable - regulatory compliance headaches, erosion of customer confidence, and ultimately financial loss.

By learning about the tools and techniques used by crackers to penetrate applications, participants will learn how to defend against application-layer attacks.

There will also be a track presented by Lisa Kachold on Securing E-Commerce Information (no abstract at this time).

Posted by Marcin on Monday, August 13, 2007 in Conferences and Security.

blog comments powered by Disqus
blog comments powered by Disqus