Time: October 13, 2009 from 6pm to 8pm
Location: GA Tech - Kraus Bldg - See Description for more info
City/Town: Atlanta
Website or Map: http://www.owasp.org/index.ph…
Event Type: owasp, monthly, meeting
Organized By: Tony UV
Latest Activity: Oct 12, 2009
Export to Outlook or iCal (.ics)
MySpace
Tweet
WHAT:: Security Religions & Risk Windows
WHERE:: TSRB auditorium : Web : Directions : Google-Maps
WHEN:: October 13, 2009 6-8pm
WHO:: Jeremiah Grossman, CTO WhiteHat Security
ABSTRACT:: Information security threats are way up, fraud losses continue to rise, regulatory fines are increasingly common, and budget dollars to solve these myriad problems are in short supply. Hampered by a sluggish economy, organizations simply cannot afford to hire all the talent they need, implement every best-practice, or buy every blinking-light widget on the market. Sacrifices are unavoidable, and still risk must be managed. Each organization must decide for itself the level of risk it is willing to accept.
There is a difference between what is possible and what is probable, something we often lose sight of in the world of information security. For example, a vulnerability represents a possible way for an attacker to exploit an asset, but remember not all vulnerabilities are created equal. Obviously, we must also keep in mind that a vulnerability's mere existence does not necessarily mean it will be exploited, or indicate by whom or to what extent. Some vulnerabilities are more difficult to exploit than others and therefore attract different attackers. Autonomous worms & viruses may attack one type of issue, while a sentient targeted attacker may prefer another path. Better understanding of these factors enables us to make informed business decisions about website risk management and what is probable.
In this presentation, Jeremiah Grossman will discuss the two prevailing but opposing security religions - Depth Religion and Breadth Religion. Jeremiah will then review the common misconceptions associated with each religion as it pertains to website security.
RSVP:: http://tr.im/owasp_meeting
COST: No costs, but all donations will be accepted as it helps pay for meeting related materials and provisions. Best way to support the chapter is to become a member
© 2022 Created by Cheyenne Throckmorton. Powered by
RSVP for ATL OWASP October Meeting - Featuring Jeremiah Grossman to add comments!
Join Atlanta User Groups