Web Admin Blog

Real Web Admins. Real World Experience.

Entries Tagged ‘team’

Building an In-House Application Security Assessment Team

This presentation was by Keith Turpin from The Boeing Company.   About three years ago, all of Boeing’s assessments were coming from outsourced service providers.  They realized that they were unable to have control over the people and process and had difficulties integrating the controls into the SDLC and decided to bring these functions in house.  […]

Tiger Team – AppSec Projects – OWASP AppSec NYC 2008

This presentation was by Chris Nickerson, founder of Lares Consulting, and the goal was to talk about the use of layered attacks. General types of threats includes social engineering/human (corporate/personal manipulation, bogus e-mails, physical intrusion, media dropping, phone calls, conversation, role playing), electronic (application and business logic attacks, software vulnerability exploitation, …), physical (break-in, theft, […]