Tricks of the Trade: Web Application Security
SQL injection, buffer overflows, cross-site scripting… You have heard about these types of attacks before. In this session, you will learn and practice finding and exploiting vulnerabilities in a sample web application that closely resembles those containing your personal information, credit card numbers and even medical history. Please bring a laptop and LAN cable to this […]
PCI and Beyond
The Payment Card Industry Data Security Standard (PCI DSS) was established in response to several high-profile incidents in which banks discovered that they paid a high price for other people’s security. In the first session, we will review success factors for PCI Assessments. The second session will discuss PCI and cloud computing. The final […]
Security Metrics and Identity & Access Management
It is hard for security practitioners and decision makers to know what level of protection they are getting from their investments in security, especially when they have invested in a number of technologies and processes which interact and combine together. It is even harder to estimate how well these investments can be expected to protect […]
Shifts in the CISO’s Domain – Authenticity, Admissibility and the Future of Forensics
What is changing in how Forensics and eDiscovery are managed? If all data is mutable, how do you know what is authentic? Are CISOs taking control of search, recovery and discovery of enterprise information so as to assure defensibility? What changes in technology and what legal and regulatory implications are making this happen? The first session will cover emerging technologies, […]
Resilience and Availability
These are two of the most important words in the Business Continuity language. They both get a lot of “lip service” but how do our Plans actually stack up in real life? Our first speaker will discuss how you critically examine your plan for “Black Swans”, those incompletely addressed aspects of your plan which can […]