Defensive Application Security Program (1 of 1 day)

Presented at AppSec USA 2017, Sept. 20, 2017, 9 a.m. (480 minutes)

  • Developing the Defensive Application Security Program
  • Creating your Websites and Web Applications inventory
  • Defining proper Software Security controls by Application Risk
  • Quick Test and Quick Wins with OWASP ZAP
  • Selecting and using proper Static Analysis tools
  • Finding insecure libraries using OWASP Dependency Check
  • Virtual Patching of legacy applications with Mod_Security
  • Applying Secure-Headers automatically
  • Detecting malicious behavior with OWASP AppSensor
  • Developing and presenting the Security Dashboard

The intended audience is very broad, from developers to managers and from beginners to advanced users.

The length is one day. The students will receive the class syllabus and book.

This course is a summarized version of a six-month class taught in 3 courses of our University.

The trainer is a PhD student in Cyber-Security and professor at IFC (Catarinense Federal Institute), (ISC)2's Certified Secure Software Lifecycle Professional (CSSLP), ISSECO® Certified Professional for Secure Software Engineering (CPSSE), ISO/IEC 27002 Foundation Certified, ISEB/ISTQB Certified Professional and ITIL F. He has worked as a Security Consultant, implementing OWASP best practices for securing software in companies like DELL, EDS (HP) and Elavon/US Bank. He has published articles at international conferences and presented at OWASP AppSec Latam, FLISOL and RoadSec, among others.

Presenters:

  • Rafael Brinhosa - Professor - Catarinense Federal Institute
    Rafael is a PhD student in Cyber-Security and professor at IFC (Catarinense Federal Institute), (ISC)2's Certified Secure Software Lifecycle Professional (CSSLP), ISSECO® Certified Professional for Secure Software Engineering (CPSSE), ISO/IEC 27002 Foundation Certified, ISEB/ISTQB Certified Professional and ITIL F. He has worked as a Security Consultant, implementing OWASP best practices for securing software in companies like DELL, EDS (HP) and Elavon/US Bank. He has published articles at international conferences and presented at OWASP AppSec Latam, FLISOL and RoadSec, among others. Rafael is currently a PhD student in Cyber-security at Federal University of Santa Catarina. He holds a bachelor's degree in Information Systems from Federal University of Santa Catarina, a master's degree in Computer Science from Federal University of Santa Catarina and a Strategic Management (MBA) enhancement course from the Federal University of Paraná.
