Web Admin Blog

Real Web Admins. Real World Experience.

Entries Tagged ‘source’

Enterprise Risk Management for the Masses

A couple of years ago I decided, along with support from my management, that Enterprise Risk Management would become a focal point for my Information Security Program.  I was convinced that framing vulnerabilities in the form of risks was essential to giving management visibility into issues they currently didn’t know existed and to give our […]

Building a Source Code Analysis Tool for Security Consultants – OWASP AppSec NYC 2008

This presentation was by Dinis Cruz, and OWASP board member and he works for Ounce Labs, a producer of a source code analysis tool, but he said he was not speaking on behalf of either.  The presentation was entitled “Building a Tool for Security Consultants: A Story of a Customized Source Code Scanner”.  Everything was […]

Mastering PCI Section 6.6 – OWASP AppSec NYC 2008

This presentation is by Jacob West in the Security Research Group and Taylor McKinsley in Product Marketing from Fortify software.  I’d like to note that Fortify is a developer of a source code analysis tool and so this presentation may have a bias towards source code analysis tools. 56% of organizations fail PCI section 6.  […]