Next Meeting: July 26th – Measuring and Communicating Risk with FAIR

Date: Monday, July 26th, 2010
Time: 11:30am to 1:00pm
Topic: Measuring and Communicating Risk with FAIR
Format: Speaker
Speaker: Kevin Riggins

Measuring and Communicating Risk with FAIR:

Measuring and communicating risk is a challenging task. Having a repeatable, well understood method of measuring risk that is based on a common taxonomy is very important. Factor Analysis of Information Risk provides both a framework for defining and understanding risk and a basic method of analyzing and communicating that risk.

Speaker Bio

Kevin Riggins, CISSP, has over 22 years of experience in information technology and has focused on Information Security since 1999. He has been a Certified Information Systems Security Professional since 2004 and currently works for a Fortune 500 financial service company where he leads a team of information security analysts responsible for internal consulting, risk assessments and vendor security reviews. He writes about various information security topics on his blog, Infosec Ramblings (http://www.infosecramblings.com), has been published in (IN)Secure magazine, and is a frequent speaker at conference and industry association meetings. He has served as the technical editor for Syngress on several books: CISSP Study Guide, CompTIA Linux+ Certification Study Guide (2009 Exam), and Eleventh Hour Linux+.

If you are not a member of ISSA and would like to visit to see what we are all about, please go here to register as a guest.

Location: Buccaneer Computer Systems


Date: Monday, May 24th, 2010
Time: 11:30am to 1:00pm
Topic: Protecting Your Applications from Backdoors
Format: Speaker
Speaker: Clint Pollock

Protecting Your Applications from Backdoors:
How to Secure Your Business Critical Applications from Time Bombs, Backdoors & Data

With the increasing practice of outsourcing and using 3rd party libraries, it is nearly impossible for an enterprise to identify the pedigree and security of the software running its business critical applications. As a result, backdoors and malicious code are increasingly becoming the prevalent attack vector used by hackers.

Whether you manage internal development activities, work with third party developers or are developing a COTS application for enterprise, your mandate is clear: safeguard your code and make application security a priority for internal and external development teams.

In this session we will cover:

  • Prevalence of backdoors and malicious code in third party attacks
  • Definitions and classifications of backdoors and their impact on your applications
  • Methods to identify, track and remediate these vulnerabilities

Speaker Bio

Clint Pollock is a Senior Solutions Architect at Veracode. Since 1997, he has also created security solutions for large-scale enterprise environments on behalf of CREDANT Technologies and Netegrity. In his current role, Clint helps globally distributed organizations evaluate, track, and mitigate their application security risk. Clint’s greatest strengths are his enthusiasm, experience and determination to help customers succeed in maintaining secure, compliant systems, and avoid the consequences and bad headlines that come with application security breaches. Clint resides in Chicago, IL.

If you are not a member of ISSA and would like to visit to see what we are all about, please go here to register as a guest.

Location: Buccaneer Computer Systems
