April 18, 2013 Event

Application Security
Please save the date for the upcoming Cloud Security Alliance – New York Metro Chapter Meeting on Thursday, April 18. The CSA NYM will be discussing various aspects of application security in the cloud.

Topic
When adopting or developing applications for the cloud, how do you ensure that those applications meet the right security level to match the data that’s moving to the cloud? Join cloud application security experts from the industry to give you some useful information in this area.

When
Thursday, April 18
6:30pm – 9:00pm

Where
Deloitte & Touche LLP
30 Rockefeller Plaza (between 49th & 50th Streets), New York, NY, 10123

Speakers
- Jason Kent (Director) and Jason Falciola (Technical Account Manager), Qualys
- Shyama Rose (Director, Software Security Engineering), CBS

Agenda

6:00pm-6:35pm: Welcome and CSA-NY chapter update & news

6:40pm-7:20pm: 50 Shades of AppSec in the Cloud
Jason Kent, Director, Web Application Security , Qualys
Jason Falciola, Technical Account Manager, Qualys

50 Shades of AppSec in the Cloud is a group of stories from customers that are doing it both right and wrong. See if you can decide where your organization fits. Is your Application Security program doing what you need it to? Special attention will be given to extending successful AppSec programs to cloud environments.

7:20pm-8:00pm: Cloud Application Threat Modeling and Risk Elimination
Shyama Rose, Director, Software Security Engineering, CBS

It is no surprise that corporations frequently rely on applications and data in the cloud without diligently identifying threats and eliminating risks. This presentation will focus on when and how to incorporate diligence into ad-hoc and SDLC development processes including threat modeling, requirements, business requirements and testing. The discussion will include guidance for both the
corporation and vendors participating in threat identification.

8:00pm-8:20pm: Break / Open Networking

8:20pm-9:00pm: Round-table