I’m happy to announce that we will be hosting our next OWASP Dublin chapter (https://www.owasp.org/index.php/Ireland-Dublin) event in the T-Cube Dublin office on March 13 2014.
Rahim Jina of BCC Risk Advisory and Stephen Scott of Espion will both be presenting.
There will be networking afterwards, with beer and pizza thanks to Espion (http://www.espiongroup.com/).
Talk 1: Building a shield of security - Vulnerability Management by the numbers and dumb robots!
Rahim Jina - BCC Risk Advisory
Rahim has been an active member of OWASP since 2008 and has contributed to many projects such as the OWASP Security Code Review Guide and is an ex-board member of the Irish Chapter. Previously Rahim was a senior security consultant at a “big 4” professional services firm and more recently, the head of security for Fonality Inc, a VoIP service provider based in Los Angeles. Rahim is currently a director for BCC Risk Advisory (bccriskadvisory.com), based in Dublin, Ireland. He is also responsible for the security architecture of the edgescan.com vulnerability management solution.
This presentation discusses how builders, breakers and defenders should look at vulnerability management when attempting to keep hackers at bay. We discuss the most common vulnerabilities which are not detected by security tools or automation but nevertheless are common and can be used to commit real fraud resulting in financial loss. We will see that Web Application Firewalls are ineffective against such attacks and why the only practical solution is to apply a layered approach across all aspects of the SDLC.
Talk 2: "PCI's Changing Environment - What You Need to Know & Why You Need To Know It".
Stephen Scott - Senior Consultant and PCI QSA in Espion's Information Government practice
Stephen Scott, Consultancy Team lead in Espion, is an experienced information security, risk and compliance consultant whose experience spans many different areas, including PCI DSS, information security, risk management, group internal audit, IT service management and regulatory compliance. Stephen has extensive experience with information security, internal control testing, compliance programmes, information risk management, and process improvement. Stephen has worked across a wide range of industry verticals, including financial, industrial and insurance.
PCI DSS – The Payment Card Industry Data Security Standard sets common requirements for securing payment card information (credit, debit, some gift cards), and lays out a range of controls relating to auditing, scanning and assessment.
This presentation discusses the ever-evolving PCI environment, specifically focusing on the changes in the recent release of version 3 of the PCI DSS standard. Stephen will start off by giving a brief background to PCI, including motivators for merchants and service providers to adhere to the standard. In addition to this, the presentation will highlight what security considerations are relevant to application and information security practitioners.
When and where?
The meeting will be held in T-Cube on Castle St, Dublin 2 on 13 March. Registration is at 18:30 and the talks will start at 19:00.
How do I register for the meeting?
You can sign up on this page.
We hope to see you there,
The OWASP Dublin team