Menu:

Continental Breakfast: Assorted Danish, Assorted Mini Muffins, Assorted Mini Bagels and Cream cheese/Butter Assorted Juices - Orange, Cranberry, Grapefruit Coffee and Tea Water and Iced Tea

Luncheon Buffet: Tossed Salad with House Dressing Buffet Selection: Broiled Scallops, Beef Bourguignnone with Rice, Vegetable Lasagna Buttered Parsley Potatoes, Broccoli, Glazed Carrots, Rolls and Butter Mixed Sweet Tray Coffee, Tea and Iced Tea Sodas
 

Price:                                             

Members $35
Non-Members $60
Late Registrants Additional $20
(Member Prices are for all ISACA and ISSA members and members of the local chapters of the IIA, AGA, and CFE)

REGISTER HERE AND PAY AT MEETING

REGISTER AND PREPAY WITH A CREDIT CARD. (Google Checkout)

Discussion: "Don't Write Your Own Security Code - the OWASP Enterprise Security API" - Application security is arguably the most difficult IT challenge facing organizations today. There are over 600 different categories of vulnerabilities to avoid and they are all tricky. Most of these problems are related to the design, implementation, and use of a relatively small set of security controls. To solve this problem for developers, Jeff created the OWASP ESAPI project - a clean intuitive toolbox of the core security building blocks that every web developer needs. In this talk, Jeff will show you how to create an ESAPI for your organization that will solve the OWASP Top Ten vulnerabilities, increase assurance, and dramatically cut costs all at the same time. The ESAPI is a free and open collection of all the security methods that a developer needs to build a secure web application. You can just use the interfaces and build your own implementation using your company's infrastructure. Or, you can use the reference implementation as a starting point. In concept, the API is language independent.

Speaker Profile: Jeff Williams is the founder and CEO of Aspect Security <http://www.aspectsecurity.com/> , specializing in application security services. Jeff also serves as the volunteer Chair of the Open Web Application Security Project (OWASP <http://www.owasp.org/> ). Jeff has made extensive contributions to the application security community through OWASP, including the Top Ten, WebGoat, Secure Software Contract
Annex, Application Security Desk Reference, Enterprise Security API <http://www.owasp.org/index.php/ESAPI> , and the local chapters program. Jeff holds advanced degrees in psychology, computer science, and human factors, and graduated cum laude from Georgetown Law.

Reservations: For reservations, please submit via the web site http://www.isaca-cmc.org/ or call Pat Hamilton at (301) 592-5042 by NOON on Friday, October 3rd. If there is no answer, please leave a voice mail message when prompted. If you wish to have the reservation confirmed be sure to leave a return phone number. You will automatically receive a confirmation if you registered via the web site. We will attempt to accommodate walk-ins, but please secure your seat with a timely reservation and avoid the late fees.

Cancellation Policy:
A registrant is responsible for the full cost of a meeting if reservations are not cancelled by noon on the Friday prior to the Chapter Meeting. Substitutions are acceptable. Please email Pat Hamilton at meetings@isaca-cmc.org to cancel a reservation.