Adam Muntner is speaking on the topic of Application Security at the Inland Empire ISSA meeting at Cal State Bernadino on Tuesday, August 22. His presentation is scheduled to begin at 11:30 AM.

Click here to open IE ISSA Meeting Information and Directions in a new window

Abstract:
Schrodinger’s Hack - Removing Uncertainty from Application Security
Recognizing the competitive advantage of speed to market, organizations are under pressure to develop and deploy applications as rapidly as possible. According to Gartner Group, 75% of attacks are now focused against the application layer. The combination of rapid development deadlines with the most targeted attack vector often leads to insufficient security analysis, testing, and validation through the entire software development lifecycle. The results are predictable - regulatory compliance headaches, erosion of customer confidence, and ultimately financial loss.

By learning the tools and techniques used by crackers to penetrate applications, participants will learn how to write code resistant against these techniques. Examples covered include SQL injection, LDAP injection, cross site scripting, parameter manipulation, Google hacking, and web services hacking.

About the Speaker:
Mr. Muntner is a Partner of QuietMove, Inc., an information security consultancy specializing in enterprise risk assessment. He has over a decade of combined information technology experience in information security, application development, systems architecture, and security operations management. Before founding QuietMove, Mr. Muntner had managed and performed over 100 risk assessments for government agencies, health care systems, public utilities, and private enterprise. Previously, he was an IBM Penetration Testing Subject Matter Expert and founding member of IBM’s Ethical Hacking Center of Competency. Later, Mr. Muntner was the Information Security Officer for a publicly traded company with offices in 12 countries. Mr. Muntner has been evangelizing web application security since 1998 and speaks regularly at Information Security conferences and for private audiences.

About ISSA
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.

With active participation from individuals and chapters all ver the world, the ISSA is the largest international, ot-for-profit association specifically for security professionals. Members include practitioners at all levels of the security field in a broad range of industries, such as communications, education, healthcare, manufacturing, financial and government.

The ISSA international board consists of some of the most influential people in the security industry, with representatives from Dell Computer Corporation, EDS, Forrester Research Inc., Symantec and Washington Mutual. With an international communications network developed throughout the industry, the ISSA is focused on maintaining its position as The Global Voice of Information Security.