Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Free Outsourcing Software Security Webcast

from [Mark Curphey] Network Security [Permanent Link]
Subject: Free Outsourcing Software Security Webcast
Date: Tue, 9 Nov 2004 13:10:32 -0500 
Shameless self-promotion ;-)

http://www.foundstone.com/resources/webcasts.htm
 
Title: Trust but Verify: How to Manage Risk in Outsourced Applications
Date: November 18th
Time: 8:00 EST 
Speakers: Mark Curphey of Foundstone and Jack Danahy of Ounce Labs 

Organizations are outsourcing application development more than ever before,
with $48 billion in projects annually expected by 2007. Very few of those
projects have adequately managed the security risks involved in developing
critical applications out-of-house, largely because they lack the ability to
measure the results effectively. The right planning, tools, and contract
requirements, combined with reliable metrics on which to base acceptance
criteria, can reduce those risks dramatically. 
 
This presentation will describe suggested methods for developing an
outsourcer report card to: 
 
1) Ensure proper security programs are in place
2) Most effectively analyze outsourced applications
3) Use that data to measure the security state of the delivered code
4) Develop baseline metrics to use as security acceptance criteria

Kind regards,

Mark
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Free Outsourcing Software Security Webcast, Mark Curphey <=
Previous by Date:  RE: Looking for a Web Application Vulnerable to XSS Cookie Grab, Michael Silk
Next by Date:  Announce: OWASP Sydney first meeting - 18th November 2004, Andrew van der Stock
Previous by Thread:  secure development process, Gunnar Peterson
Next by Thread:  Announce: OWASP Sydney first meeting - 18th November 2004, Andrew van der Stock
Indexes:  [Date] [Thread] [Top] [All Lists]