Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

OWASP PDX

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. This podcast mostly focuses on cybersecurity in the Portland, Oregon chapter.

Episodes

Jeff Williams - We Are in the Stone Age for Application Security
Jun 23 2021
Our special guest today is Jeff Williams, Co-Founder and CTO of Contrast Security. Jeff was one of the pioneering members who formed the Open Web Application Security Project® (OWASP). Not only did he chair it, he also contributed to many successful open source projects, including WebGoat, the OWASP Application Security Verification Standard (ASVS), the OWASP Top Ten and much more. Without him and others we would not be doing this podcast today.

Besides founding Contrast Security in 2014, he started Aspect Security in 2002. Jeff got his law degree at Georgetown University Law Center along with a computer science and psychology degree at the University of Virginia. In the early 1990s, he built high assurance systems for the U.S. Navy and taught the INFOSEC curriculum for the NSA during the good old days of the Orange Book - the trusted computer system evaluation criteria for the U.S. Department of Defense.

We want to say thank you to Contrast Security for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021.

Jeff's Links
- Contrast Security
- LinkedIn
- Twitter
- Security Magazine Article - New NIST Standards on IAST and RASP Deliver State-of-the-Art AppSec
- WebGoat
- ASVS
- BlackHat USA - Enterprise Java Rootkits - "Hardly anyone watches the developers"

PNWSEC
- https://pnwcon.com
- Twitter: @pnwseccon
- pnwseccon@gmail.com (contact)

Jeff Williams was interviewed by David Quisenberry and John L. Whiteman.

Follow us: Homepage, Twitter, Meetup, LinkedIn, YouTube

Farshad Abasi and Roberto Salgado - Our New Pacific Northwest Application Security Conference (PNWSEC)
May 30 2021
On Saturday, June 19, 2021 something very special is going to happen. For the first time, a perfect trifecta of OWASP chapters in the Pacific Northwest is getting together to host a virtual conference focused on serious application security. It's called the Pacific Northwest Application Security Conference (PNWSEC). The chapters hosting this fine event are from the beautiful, breathtaking Canadian cities of Vancouver and Victoria, B.C. and, to the south in the States, Portland, Oregon. Our guests today are Farshad Abasi and Roberto Salgado along with our host David Quisenberry, each a leader of one of those OWASP chapters, respectively.

Tickets are going fast so hurry. Also, if you want to give a talk, including those short lightning ones, or even volunteer, it's still not too late. Go to pnwcon.com for details, and also check out this podcast's RSS feed for additional information regarding the conference and our guests.

PNWSEC
- https://pnwcon.com
- https://www.eventbrite.ca/e/first-annual-pacific-northwest-appsec-conference-tickets-155757566073 (buy tickets)
- @pnwseccon
- pnwseccon@gmail.com (contact)

Vancouver, B.C. OWASP Chapter
- https://owasp.org/www-chapter-vancouver/
- https://twitter.com/owaspvancouver

Victoria, B.C. OWASP Chapter
- https://owasp.org/www-chapter-victoria/
- https://twitter.com/owaspvictoria

Farshad Abasi (Vancouver, B.C.)
- https://www.linkedin.com/in/farshadabasi/
- Forward Security Inc.
- @farshadabasi

Roberto Salgado (Victoria, B.C.)
- https://www.linkedin.com/in/roberto-salgado/
- Websec Canada
- @lightos

David Quisenberry (Portland, Oregon)
- https://www.linkedin.com/in/davidmquisenberry/
- https://zapproved.com/
- @QuizSec

Farshad Abasi and Roberto Salgado are interviewed by David Quisenberry and John L. Whiteman.

- Become an OWASP member
- Donate to our OWASP PDX chapter

Volko Ruhnke, Adam Shostack and Hadas Cassorla - Building Games to Teach Real-World Security
Jan 23 2021
We have three very special guests today. All come from different backgrounds but share a common interest in gaming - the kind that can be used to teach you things, like how to become better at handling security incidents or winning a historical insurrection. This podcast is sponsored by the We Hack Purple Academy.

Volko Ruhnke is a renowned wargame designer and educator. He retired as a career analyst with the CIA and as an instructor for the Sherman Kent School for Intelligence Analysis, which is responsible for training people in the intelligence community. While working there he became an acclaimed designer of commercial board games - best known for the COIN Series published by GMT Games.

Adam Shostack is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's a member of the BlackHat Review Board, and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack & Associates, and helps startups become great businesses as an advisor and mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security.

Hadas Cassorla is a security leader in the Portland area. She is the manager of security engineering and platform engineering at Simple Finance in Portland. She also does work with Hackback Gaming as an Incident Master (IM) running teams through dynamic role playing in tabletop incident response scenarios. Hadas is also a recovering attorney who took up improv after finishing law school.

Volko Ruhnke, Adam Shostack and Hadas Cassorla are interviewed by David Quisenberry and John L. Whiteman.

Links from the Show:
- Zenobia Award (Board Game Design Contest for Underrepresented Groups)
- HackBack Gaming
- Adam Shostack's Home Page
- Elevation of Privilege
- Philip Sabin - Simulating War: Studying Conflict through Simulation Games
- Jeremy Holcomb - The White Box

Caroline Wong - What a Top Chief Strategy Officer Has to Say About Security These Days
Oct 17 2020
Our very special guest today is Caroline Wong. She is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and People teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role.

Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. Caroline also hosts the Humans of InfoSec podcast, teaches cybersecurity courses on LinkedIn Learning and has authored the popular textbook Security Metrics, A Beginner's Guide.

Caroline holds a bachelor’s degree in electrical engineering and computer sciences from UC Berkeley and a master’s in finance and accounting from Stanford University Graduate School of Business.

Some useful links:
- https://twitter.com/carolinewmwong
- https://twitter.com/humansofinfose
- https://www.linkedin.com/in/carolinewmwong/
- https://soundcloud.com/humans-of-infosec
- https://twitter.com/cobalt_io
- https://resource.cobalt.io/pentesting-in-devops-how-to-guide
- https://www.mheducation.com/highered/product/security-metrics-beginner-s-guide-wong/9780071744003.html

Caroline Wong is interviewed by Kendra Ash and John L. Whiteman.