Skip Main Navigation
Page Content
This event has ended

Save This Event

Event Saved

VanSecSIG, (ISC)² and ISSA May Meeting

Vancouver SecSIG, (ISC)² Vancouver Chapter, and ISSA Vancouver Chapter

Friday, 12 May 2017 from 2:00 PM to 4:00 PM (PDT)

VanSecSIG, (ISC)² and ISSA May Meeting

Registration Information

Type Remaining End Quantity
Limited Seating RSVP 23 Registrations Ended Free  

Event Details

May 2017 Education Session

Presented by Vancouver Security SIG, (ISC)² Vancouver Chapter, and ISSA Vancouver Chapter

Friday May 12th from 2:00 PM to 4:00 PM (PDT)

Featured Presentation Topic: Security Testing for DevOps

Speaker: Yang Yu (Ping Identity)

Security testing could mean many different things. In this presentation, it’s mainly referring to security functional testing, a type of software testing whose main goal is to make sure security controls in an application are working as expected. For example, if account locking is used to prevent brute­ force attacks, there should be corresponding tests to verify that account locking is working properly.

Sounds simple? But surprisingly, the development processes of many applications don’t include this type of testing. They use static analysis tool to scan the source code, they use dynamic analysis tool to scan the application, but they don’t cover this basic hygiene!

To develop effective security tests, it’s important to have a good understanding of the real threats to the application and let the threats drive the creation of the tests.

In the DevOps world, security functional testing is a perfect security control to integrate with the pipeline and to promote collaboration between Dev and Security.

After attending this presentation attendees should be able to understand:

● The importance of automated security functional testing
● How to use threat modeling to drive the testing
● How to integrate the testing into CI/CD pipeline
● The pitfalls that you need to watch out for


Biography:

Yang Yu is a developer turned security engineer at Ping Identity. He is experienced in securing on­ premise and SaaS applications, running a secure SDLC program, and performing information security risk assessments. His current interest is in integrating security with DevOps.

 

 

There are limited seats at this venue so you must RSVP to attend. If the session is fully booked you will only be offered an option to register for the waitlist. If you need to cancel your registration please contact the organizer or cancel via Eventbrite so that someone else can take your spot.

Have questions about VanSecSIG, (ISC)² and ISSA May Meeting? Contact Vancouver SecSIG, (ISC)² Vancouver Chapter, and ISSA Vancouver Chapter

When & Where


KPMG - KCampus, 4th floor
777 Dunsmuir Street
Vancouver, BC V7Y 1K3
Canada

Friday, 12 May 2017 from 2:00 PM to 4:00 PM (PDT)


  Add to my calendar

Organizer

Vancouver SecSIG, (ISC)² Vancouver Chapter, and ISSA Vancouver Chapter

The Vancouver Security Special Interest Group (SecSIG) and the (ISC)² Vancouver Chapter are unincorporated groups of professionals who work together to promote and support the information security profession.  We operate purely on a volunteer basis, and do not charge membership or event fees.  We hold joint meetings together with the ISSA Vancouver Chapter, as part of bringing the information security community in Vancouver together.

  Contact the Organizer

Interested in hosting your own event?

Join millions of people on Eventbrite.

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.