OWASP OC Chapter Meeting

Irvine, California
Friday, January 28, 2011
OWASP OC Chapter Meeting
Friday, January 28, 2011 1:00 PM - 5:30 PM (Pacific Time)

HireRight Office
5151 California Ave
Irvine, California 92617
United States

Map and Directions
More information: http://www.owasp.org/index.php/Orange_County


5151 California Ave

Irvine, California 92617

United States.

Speakers include:

Samy Kamkar

Online Privacy and the Evercookie


Samy Kamkar has lectured on computer security issues in over a dozen countries, and his work has been featured on the front page of the New York Times. As a grey-hat hacker, he makes and breaks computer security for tech companies. In addition to his independent security research, he co-founded Fonality, an IP PBX company.

Jim Manico

Back to Basics: Defensive Coding Principles for Web Development 101

The application security community is in deep need of prescriptive solutions for developers. This talk will review the world of Web Application Security from a "builder" point of view, focusing on critical controls that all developers must master if they wish to build low risk web applications today.


Jim Manico is the chair of the OWASP Connections committee where he focuses on producing and hosting the OWASP Podcast. Jim also is a co-manager of the OWASP ESAPI Open Source project. Professionally, Jim is an independent application security architect specializing in the construction of low-risk web applications. Jim is also an application security educator and assessment specialist.

Edward Bonver Talk Title:

Threat Modeling at Symantec


Threat Modeling is one of the most important security activities that a development/QA team needs to perform as part of a Security Development Lifecycle. This activity allows the team to build a complete security profile of the system being built. Threat Modeling is not always easy to get going for a team that has little or no security experience. In this presentation we’ll take a look at why Threat Modeling is so important; we’ll explore the process behind it, and how the process is being implemented and followed across Symantec.


Edward Bonver is a principal software engineer on the product security team under the Office of the CTO at Symantec Corporation. In this capacity, Edward is responsible for working with software developers and quality assurance (QA) professionals across Symantec to continuously enhance the company’s software security practices through the adoption of methodologies, procedures and tools for secure coding and security testing. Within Symantec, Edward teaches secure coding and security testing classes for Symantec engineers, and also leads the company’s QA Security Task Force, which he founded. Prior to joining Symantec, Edward held software engineering and QA roles at Digital Equipment Corporation, Nbase and Zuma Networks.

Edward is a Certified Information Systems Security Professional (CISSP) and a Certified Secure Software Lifecycle Professional (CSSLP). He holds a master’s degree in computer science from California State University, Northridge, and a bachelor’s degree in computer science from Rochester Institute of Technology. Edward is a Ph.D. student at NOVA Southeastern University.


Contact Information

© 2019
Quick, easy and affordable online event registration and event management software for all event sizes.