Events  Deals  Jobs  NFT NYC 2024 
    Sign in  
 
 
With Tony UcedaVlez (Founder/CEO, VerSprite) & Archie Agarwal (Founder/CEO, CISSP).
Wed, Oct 10, 2018 @ 05:30 PM   FREE   S&P Global HQ, 55 Water St
 
     
 
 
              

      
 
Sign up for our awesome New York
Tech Events weekly email newsletter.
   
LOCATION
EVENT DETAILS

This session will bring together experts from the SDLC to discuss, debate & agree on how to make a better widget.

Agenda
- Networking
- Threat Modeling
- OWASP Top 10 2017

Research: Are-You-Trading-Stocks Securely
https://ioactive.com/wp-content/uploads/2018/08/Are-You-Trading-Stocks-Securely-Exposing-Security-Flaws-in-Trading-Technologies.pdf

Speaker #1
===============
Tony UcedaVlez is the founder & CEO of VerSprite - a global security consulting firm based in Atlanta, GA. He is also the author of Wiley's Risk Centric Threat Modeling, a book endorsed by the late Cyber Security Coordinator for the White House, Howard Schmidt. The book has been used in universities & enterprises world wide as a means to apply a risk centric approach to application threat modeling. Tony has spoken at numerous OWASP, ISACA, ASIS, ISC2, ISSA, BSides conferences across four continents on the topics of cloud security, risk management, threat modeling, secure-SDLC implementation. He also has provided global training to both development groups & company executives who need to understand the impact of security programs to products & business services. Tony's 25 years of IT/IS experience began with hands-on operations in the areas of system administration, network engineering, software development. Tony serves as interim CISO for various startups & global, mid-size organization & is responsible for the overall build out of these security programs.

Cooking w/ PASTA

*A Practical Walk Thru of Risk Centric Threat Modeling*

Protect what matters & learn how to incorporate a broad range of security practices within a risk centric approach to threat modeling. DAST, SAST, pen testing, threat intelligence harvesting, security hardening, architecture reviews & more have a place within a risk centric threat modeling approach. Well walk through steps of the PASTA methodology as applied to a e-commerce web application in order to exemplify the approach, its benefits, & how to best apply within your security programs & during your respective S-SDLC approach.

====================

Speaker #2
Archie Agarwal, CISSP Founder, CEO, & Chief Technical Architect

With more than 20 years of real-world experience in threat & risk analysis, Archie has been instrumental in successfully implementing secure software development processes at a number of Fortune 1000 companies to minimize their exposure to cyber threats & mitigate risks. Prior to founding ThreatModeler, he was the Director of Education Services at WhiteHat Security.

ThreatModeler Session Abstract:

Agenda:

Introduction to Threat Modeling
Exercise - Threat Modeling AppSec & Cloud Architectures
Working Session with ThreatModeler
Threat Modeling Driven DevSecOps

Goals:

Learn how to drive security by design
Understand roles & responsibilities in a Threat Modeling process
Get Hands-on experience operationalizing threat modeling

Attendees:

InfoSec + Red Teamers
AWS Cloud Architects/DevOps
Application Architects
Cloud Testers/Application Testers
Compliance, Privacy, Data Governance

If your company would like to be a sponsor for this meeting please contact us at (212) 220-3963

 
 
 
 
© 2024 GarysGuide      About    Feedback    Press    Terms