Information Security

Network Intrusion Prevention vs. Anomaly Detection

Held: Jul 08 2010 12:00 pm

Presenting: Mike Fratto; Network Computing, Editor

Before you can prevent an attack, you have to detect it. Traditional signature based IDS's are prone to false positives and can only detect malicious traffic it has signatures for.

Information Security

When Prevention Fails: The Role of IPS in Incident Response

Held: Jul 08 2010 4:00 pm

Presenting: C. Matthew Curtin, Interhack, Founder

Intrusion prevention technology is understandably focused on using network data to detect and to stop intrusions in progress. When (not if) intrusion prevention systems fail to prevent intrusions, can they provide any value to the management of an incident?

Information Security

Top 10 Risks in Application Security

When: Jun 04 2010 8:00 am

Presenting: Sebastien Giora, French Chapter Leader, OWASP

The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.

Information Security

Software Development Life Cycle: Who's responsible for security?

When: Jun 03 2010 2:00 pm

Presenting: Dow A. Williamson; SCIPP International, Executive Director, CISSP, CSSLP

From "start-up" through "acquisition & development", "implementation", and "operations & maintenance" to "decommissioning", it's far too easy to lay the responsibility for the secure software life cycle at the feet of the application developers.

Information Security

Automated Application Defenses To Thwart Advanced Attackers

When: Jun 03 2010 12:00 pm

Presenting: Michael Coates; Mozilla, Web Security Engineer

Michael has extensive experience in application security, security code review and penetration assessments. He has conducted numerous security assessments for financial, enterprise and cellular customers world-wide.

Information Security

Emergent Standards in Secure Software Development

When: Jun 03 2010 4:00 am

Presenting: Justin Clarke, UK Chapter Leader, OWASP

One of the core difficulties in ensuring your organisation's software development process (whether in-house or outsourced) builds in an appropriate level of security is a lack of research, standards and accepted practice in this area.

More Articles...