Thursday, March 15, 2012

AppSecDC 2012

WASHINGTON, D.C. March 16, 2012—AppSec DC 2012 (, the East Coast's premier information security conference, has added a full roster of training seminars to its four-day schedule of discussions and events. The seminars will be a mixture of one- and two-day sessions organized by OWASP in order to serve both its membership and the broader technology community. As a special offering, OWASP has aligned with (ISC)², the world’s largest information security professional body and administrators of the CSSLP®, on a free seminar for all AppSec DC attendees.

"OWASP seeks to be proactive, rather than reactive," said Mark Bristow, AppSec DC Organizer. "With these training sessions, we hope to empower everyone in the enterprise and in the public sector with the most current best practices in web and information security."  

AppSec's DC's training seminars will be held on April 2-3 before the plenary sessions. Information on OWASP's free seminar with (ISC)² for all AppSec DC attendees is as follows:

Certified Secure Software Lifecycle Professional (CSSLP) Clinic (*)
 - Tuesday, April 3, 1-5 PM

WHY YOU SHOULD REGISTER: Educate yourself in Secure Software Design and Development, two of the seven domains found in the CSSLP certification, held by over 1,000 secure software professionals worldwide and recently labeled the “Holy Grail” of secure software development certifications by analyst David Foote. This session will provide an in-depth education of these two tough domains of the CSSLP and will cover the skills and knowledge needed to design and develop secure code. In the Secure Software Design domain, attendees will learn the fundamentals of design principles, when applied, will save costly rework. The Secure Software Development domain will discuss the OWASP Top 10 threats and how to mitigate them effectively.

The CSSLP contains seven domains focusing on the fundamental topics needed to develop secure software. CSSLPs are professionals who have validated their competency in incorporating security into each phase of the software lifecycle.

(*) Please note that all attendees of the free seminar must pre-register at the AppSec site:

Other training sessions include:

•   Building Secure Android Apps
•   The Art of Exploiting Injection Flaws
•   Assessing and Exploiting Web Applications with Samurai-WTF
•   Secure Web Application Development Training
•   Source Code Analysis – Discovering Vulnerabilities in Web 2.0, HTML5, RIA
•   Practical Threat Modeling
•   Mobile Hacking and Securing
•   WebAppSec: Developing Secure Web Applications
•   Virtual Patching Workshop
•   Complete list of seminars: and additional information at

OWASP strives to provide world-class training for a variety of skill levels and interests at its conferences. From the novice to the expert, developers to managers, there is a training course for you. Classes will begin at 9 AM each day and run until 5 PM. Please check each course for required materials and whether a course is one or two days.

OWASP AppSec DC attracts a worldwide audience. Executives from Fortune 500 firms along with technical thought leaders such as security architects and lead developers will be traveling to hear the cutting-edge ideas presented by Information Security’s top talent.

Along with training seminars, AppSec DC 2012 has also lined up a robust list of speakers, including representatives from Homeland Security, and thought-leaders such as Dan Geer, Creator of the Index of Cyber Security (2011) and the Cyber Security Decision Market (2011), among other accomplishments. Past conferences have drawn more than 700 technologists from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.  A full schedule can be found at

Sponsored by Aspect Security, Securicon, MANDIANT, Trustwave SpiderLabs, Secure Ideas, and nVisium Security, AppSec DC is hosted by the Washington, D.C. chapter of Open Web & Application Security Project (OWASP), a 501c3 Not-For-Profit, is an open-source application security project made up of corporations, educational organizations, and individuals from around the world. Providing free, vendor-neutral, practical, cost-effective application security guidelines, the organization has become the de facto standards body for application security over the past decade. 

To attend OWASP AppSec DC 2012, visit: or register at To become a member of OWASP or a sponsor of AppSec DC 2012, kindly drop us a note at:  

About OWASP:
The Open Web & Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work from Individuals, Organization Supporters & Accredited University Supporters. For more information, please visit:


Bill Lessard
914.476.6089 - office
914.330.3501 - cell


Post a Comment

Subscribe to Post Comments [Atom]

<< Home