Saturday, July 12, 2008

It's All About the Lifecycle

Happy Saturday, everybody. We're closing in on Black Hat, and I wanted to share something I found that should interest you if you live in the world of web application security.

Dennis Hurst - a colleague of mine over at SPI Dynamics (now HP) - has started a conference called "LifeCycle Security", which follows Black Hat. Application Security is a problem that everyone faces today - and I think we need to start thinking about it as more than just tactical solutions. We're all so focused on PCI and compliance in general, and all the silly tactical things that go along with it, that we're often missing the forest for the trees.

I'd like to take a moment to applaud Dennis's efforts in creating awareness around the Web App SDLC, and the fact that we really need to think "bigger picture". I encourage you (if you're still allowed to travel due to the economic "toughness" out there) to extend your stay long enough to come out and check the conference out. I think it'll be well worth your time, and you can bring back some take-aways, which managers like to have their employees come back with. This conference Dennis is hosting will definitely be less about hacking web apps, and more about how to think long-term when securing them.

More details, and registration here:
