Friday, October 28, 2016

AppSec California; Sun, Sand, Security


     

We are excited to invite you to join us on the beach for the 4th Annual AppSec California.

What: A unique Southern California OWASP event on the beach dedicated to raising the bar in application security
When: January 23-25, 2017
Where: On the beach at the Annenberg Beach House, 415 Pacific Coast Hwy, Santa Monica, CA 90402

AppSec California combines a dynamic mix of training and education delivered by some of the industry’s top experts in secure application development and web application security.

Information security professionals, developers, and QA and testing professionals from around the world will gather at the Annenberg Beach House where they will participate in full-day trainings, enjoy invigorating and inspiring talks, engage in thought-provoking conversations, and make new friends.

Call for Papers is Open!


Would you like to present at AppSec California? We know you have great things to share, and the AppSec Cali Call for Papers team would love to hear from you. OWASP AppSec conferences are true security conferences, with expected talks and presentations all around (web) application security. Non-technical talks are welcome too.

Interested in Sponsoring AppSec California?


AppSec California may be the best opportunity you will ever have to meet hundreds of key decision makers in IT & Information Security. Join us January 24-25, 2017 to get new leads to help you generate new business.

First Keynote Speaker Announced: RSA CTO Zulfikar "Zully" Ramzan


Dr. Zulfikar Ramzan serves as the Chief Technology Officer of RSA. In this role, he is responsible for leading the development of the company's technology strategy and bringing to market the innovations that help protect RSA customers from the growing number of advanced threats.

Early Bird Pricing Ends October 31


Registration for the 2 Day Conference (Jan 24 and 25) is only $200, and 2 Day Conference + Training is only $600. These prices only last until the end of October.

We'll be sharing more details and announcement in the coming weeks. For more real time updates, follow us on twitter.

Thanks, and we look forward to seeing you in January!

Caleb Queern and the AppSec California Planning Team

Wednesday, October 26, 2016

AppSecEu 2017 Call for Presentations and Training Now Open

The call for presentations and training are now open for AppSecEu 2017, which will take place in Belfast from May 8th to 12th 2017. OWASP's Global AppSec events serve a diverse audience of security professionals at all stages of their careers. We seek interesting perspectives and training to drive visibility and evolution in the safety and security of the world’s software.

Our topics of interest for talks include, but are not limited to the following:
  • Novel web vulnerabilities and countermeasures
  • New technologies, paradigms, tools
  • OWASP tools or projects in practice
  • Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
  • Browser security
  • Mobile security and security for the mobile web
  • Cloud security
  • REST/SOAP security
  • Security of frameworks
  • Large-scale security assessments of web applications and services
  • Privacy risks in the web and the cloud
  • Management topics in Application Security: Business Risks, Awareness Programs, Project Management, Managing SDLC
OWASP Trainings should be practical in nature--hands-on class will receive stronger consideration.  Topics of interest for include but are not limited to:
  • Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
  • Vulnerability analysis: code review, pentest, static analysis
  • Threat modelling
  • Mobile security
  • Cloud security
  • Browser security
  • HTML5 security
  • OWASP tools or projects in practice
  • New technologies, paradigms, tools
  • Privacy in web apps, Web services (REST, XML) and data storage
  • Operations and software security
  • Management topics in Application Security: Business Risks, Outsourcing/Offshoring, Awareness Programs, Project Management, Managing SDLC
While we understand that your submission might be a work in progress, we strongly encourage that all submissions be as thorough as possible to allow us to make the best decision.  The program committee will review your submission based on a descriptive abstract of your intended presentation. Feel free to attach a preliminary version of your presentation if available, or any other supporting materials.  Please review your proposal thoroughly as accepted abstracts and bios submitted will be published 1:1 on our site. If your presentation is accepted for inclusion in the conference program, you are free to submit a white paper describing your work, to be added to the website.                                                                                   
To ensure the best talks available are presented at AppSec Europe we are incorporating blind reading as part of our process. This means that names and job titles will be removed when the paper's abstract is being reviewed. Submissions for training will not be read blind.  All speakers will be given access to speaker mentorship, we especially encourage first time speakers to take advantage of this service.
Marketing and sales pitches will not be accepted in the talks or trainings.

Submit a Presentation
  • Submission deadline: January 9th, 2017
  • Notification of acceptance: February 6th, 2017
  • Conference days: May 11th – 12th 2017

Submit a Training
  • Deadline for proposals:  January 2, 2017
  • Notification to training providers: January 23, 2017
  • Training: May 8, 9, 10


Tuesday, October 25, 2016

Waratek Supports the OWASP Foundation as a Premier Corporate Member

Bel Air, MD – October 25, 2016 – The Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable organization focused on improving the security of software, is pleased to welcome Waratek, a pioneer in the next generation application security solutions known as Runtime Application Self-Protection (RASP), as a Premier Corporate Member of OWASP.   

OWASP is an open community of over 46,000 participants dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.  OWASP does not endorse or recommend commercial products or services. Instead, we allow our community to remain vendor neutral with the collective wisdom of the best individual minds in application security worldwide.

Waratek, winner of the 2015 RSA Innovation Sandbox Award, is based on the belief that traditional security approaches are not enough to protect applications and customer data from today’s threats. Waratek’s solutions are based on virtualizing the runtime to provide protection against known and unknown vulnerabilities in current and legacy software.

“At a time when malicious attacks are intensifying and organizations increasingly rely on applications with known and vulnerabilities to fulfill their missions, OWASP is a vital part of defending the integrity of businesses and institutions,”  commented Waratek CEO Brian Maccaba. “We need strong DevOps and AppSec communities to ensure the safety and security of commerce.  We’re proud to help OWASP fulfill that role.”

Waratek’s support of OWASP included sponsorship of our recent OWASP AppSec USA 2016 Conference that took place in Washington,DC.  In a few weeks, all of the conference talks will be available for free on the conference site.

“OWASP receives one-third of its funding from Corporate Members and we are thrilled to have Waratek, Inc. as a Premier Corporate member,” stated Kelly Santalucia, Membership & Business Liaison of the OWASP Foundation. “Waratek’s contributions toward our AppSec USA 2016 event demonstrated strong support for our global initiatives, and we are hopeful that others will follow their lead in giving back to the community.”

About OWASP
The Open Web Application Security Project (OWASP) is dedicated to making application
security visible by empowering individuals and organizations to make informed decisions
about true software security risks. As a 501(c)(3) not-for-profit worldwide charitable  organization, OWASP does not endorse or recommend commercial products or services. Instead, we allow our community to remain vendor-neutral with the collective
wisdom of the best individual minds in software security worldwide.

For more information, visit: www.owasp.org or follow us at: @owasp.

About Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.  Based on virtualization, Waratek’s solution is highly accurate, easy to install, simple to operate and does not slow application performance – while providing protection against known and unknown vulnerabilities in current and legacy software.

Waratek is based in Atlanta, Georgia and Dublin, Ireland.  For more information visit www.waratek.com or follow us @Waratek.