RSS Feed

Entries in Conference (10)


SOURCE Barcelona: Rails Slides Posted

My presentation slides (Security Goodness with Ruby on Rails) from last week's SOURCE Barcelona Conference are posted here. During the talk I spoke about strategies for both auditing and writing more secure applications with this popular framework. I covered a number of different topics including: best practices, security tools and APIs, and how to identify and address the most common vulnerabilities.

Thanks to Stacy and the SOURCE Barcelona Advisory Board for putting on such a great conference. As always, I felt very comfortable there and had a great time. I highly recommend attending SOURCE next year and enjoying Barcelona as well.


The ISSD Conference 2011

The second International Secure Systems Development Conference (ISSD) is being held next week in London, and GDS are once again very happy to be supporting it as both speakers and conference sponsors. Event details this year are as follows:

The 2nd International Secure Systems Development Conference (ISSD)

18th & 19th May 2011, Hilton London Olympia Hotel

Dealing with Tomorrow's Threats Today - by Designing Security In

Both Matt & Justin are speaking on the opening day - Wed 18 May:

  • 10.30am - Are Agile and Secure Development Mutually Exclusive? - Matt Bartoldus
  • 11.45am - Metrics – knowing before you start – Justin Clarke

If you would like to attend its not too late - contact us (mention this blog post) and we can organize a discount on your tickets.  Hope to see you there!


Slides & Code from OWASP Appsec DC Posted

The slides from the "Unlocking the Toolkit: Attacking Google Web Toolkit" talk I gave at OWASP Appsec DC last week is available for download on the OWASP Appsec DC Wiki Page. Additionally, the source code for the GWTFuzzer proof of concept tool that was demonstrated during the talk as well as updated versions of the GWTEnum and GWTParse tools can be downloaded on github.


Slides from CSI 2010 Posted

The slides from my “Stories From the Front Lines: Deploying an Enterprise Code Scanning Program” talk I presented last week at CSI 2010 are now available for download. For those of you that didn't attend, I spoke about lessons learned, hints and tips we've utilized during a deployment of an enterprise code scanning program at a large financial services institution. If you are in the process or have plans to deploy a code scanner within your organization, please read these slides. There's lots of good information in there that could save you from unexpected SNAFUs.


ISSD Conference 

The very first International Secure Systems Development Conference (ISSD) is being held this week in London, and GDS is very happy to be supporting it from the start as both speakers and conference sponsors. Event details are as follows:

The International Secure Systems Development Conference
London 20-21st May 2010, Westminster Conference Centre
Getting Started in Building Security In

If you are planning on attending, Justin and Matt both speak on Friday (Day 2):

Be sure to stop by the GDS booth, as Justin will be signing and giving away a few free copies of his latest book "SQL Injection Attacks and  Defense".

Page 1 2