SecureState Blog

Read SecureState's award winning blog.

SecureState is proud to sponsor the Cleveland chapter of OWASP and we are bringing back the quarterly meetings by bringing in some of the top speakers in the application security community.  This quarter we have web application security ninja Kevin Johnson that will be speaking.  The title of his talk is “Ninja Developers: Application Security Testing and Your SDLC”.


Talk Abstract

The security of enterprise software is one of the key risks organizations can start to control today.  As new applications are developed and legacy software is updated, incorporating a measure of security testing can be one of the most critical ways to positively impact an organizations security posture.  To properly validate the security of enterprise applications a 3rd party penetration test or assessment may be enlisted – but the cost of testing each application quickly makes this impractical.  This situation presents a challenging problem.  In this presentation, penetration testing ninja Kevin Johnson of Secure Ideas will explain how your development staff can incorporate techniques distilled from years of experience into your organizatio’s development and release methodology.  Whether you’re using Agile, RUP or Google programming, these tips and tricks will enable your developers to produce higher quality, more secure code right from the start.  Kevin will reveal some of the secrets of the masters learned from experience and industry leadership over the past decade – and show you how you can insert security into your software development lifecycle with minimal disruption and maximum effectiveness.


Speaker Bio

Kevin Johnson is a security consultant and founder of Secure Ideas. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevi’s involvement in open-source projects is spread across a number of projects and efforts. He is the founder of many different projects and has worked on others. He founded BASE, which is a Web front-end for Snort analysis. He also founded and continues to lead the SamuraiWTF live DVD. This is a live environment focused on Web penetration testing. He also founded Yokoso and Laudanum, which are focused on exploit delivery. Kevin is a certified instructor for SANS and the author of Security 542: Web Application Penetration Testing and Ethical Hacking. He also presents at industry events, including DEFCON and ShmooCon, and for various organizations, like Infragard, ISACA, ISSA, and the University of Florida.

As always, the Cleveland OWASP Chapter meetings are FREE and lunch is included!  However, you need to RSVP soon as seats are filling fast.  Please RSVP to Sabrina Powers via email:  Our meeting this month will be hosted at SecureState headquarters:

When: Tuesday, March 22nd Noon – 2pm
Where: SecureState, 23340 Miles Road, Cleveland, OH 44128
Lunch is provided.  Free and open to the public but you must RSVP!

Also be sure to sign up on the official OWASP Cleveland Chapter mailing list for future meeting announcements!