—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday March 19, 2014
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: Freedom Square III at 4511 Rockside Rd.,
off Rockside Road, Independence, Ohio
—< Open to everyone and free as always
The Northeast Ohio Information Security Forum will hold our monthly
meeting at the above date and time.
Notice this is in a new location!!!!
We are in the amphitheater of Freedom Square III at 4511 Rockside Rd., off Rockside Road, Independence, Ohio. This is not the old building we were in. This is a new building, and is across Rockside Road from the old location.
Map to the Location
Security Omnipresence: Infiltrating Every Level of a Mature Agile Development Lifecycle
by Márion Z. Nepomuceno and Kris French
It's easy for a security professional to feel like he's alone,
especially when there are already mature processes in place
designed to function without him. And if he does finally break
into the development lifecycle, he certainly can't be everywhere
at once. Or can he? We'll show you how we infiltrated the
development lifecycle, spread the message of security, and
recruited shadowy agents of change to achieve security omnipresence.
Marion Nepomuceno is a security engineer at Hyland Software
in charge of developing training materials, and working closely
with the nearly 200-person development staff on improving their
secure coding skills and the security of the product. Marion has
given several presentations and classes to audiences of varying sizes
on the topic of security concepts and the SDL. He headed up the project
to re-fit Microsoft's SDL processes to work within Hyland which houses
several different waterfall-based and agile processes. This project has enjoyed
significant success that has drawn the attention of the local security community.
Kris French is a security tester at Hyland Software, and single-handedly created
the security program for the QA department. Kris is in charge of creating
training materials, creating and leading classes for his security-focused
internal education track, managing the QA security champions group, and
collaborating with development to aid in the creation of an overall
security direction for the company. Kris is also an active member in his
local security community and frequent contributor to the proceedings of
the OWASP Cleveland chapter. Together, Marion and Kris have orchestrated
the company-wide adoption of security practices and continue to do so.
They are currently working on refining these methods so that they can
be more easily implemented elsewhere. Because of these efforts,
Hyland is now a noted member of the local security community, becoming
host and sponsor of the OWASP Cleveland meetings.
Don’t forget to come early, starting at 6:00 PM, for pizza and pop.
Another great meeting from NEO Info Sec Forum – we hope to see you there!
– NEOISF Board –