So you may have been wondering if I disappeared from the face of the planet for a while, or where I have been - well, I am still here and I have been extremely busy! Lots of things to share, both in development and application security. So I will jump right in!
At the beginning of the year I came up with a couple of goals that I wanted to achieve this year. The first of which was to speak at some conferences. I spoke at the Front Range OWASP Conference (FROC) at Auraria on June 2nd. It was a great experience, despite the technical difficulties incurred midway through my demo, and now I am hooked.
I presented on using the OWASP Enterprise Security API to solve REAL WORLD security problems. The presentation was very well received and I got some great feedback from those in attendance. My presentation slides and video are available on the OWASP FROC Site and I encourage anyone to take a look at the slides and video and let me know what you think.
In addition, just this week I was at The Uberconf where I had the opportunity to co-present with Ken Sipe on both Security Code Review and the ESAPI. Needless to say I am pleasantly exhausted from the 4-day onslaught of talks and workshops that was UberConf.
The second goal I set was to start a book - and I will be using my blog as a venue to test run some ideas that I have for the book. It will be on Application Security - specifically aimed at software developers. It may or may not feature the ESAPI, but you can be assured I will be using the ESAPI in example code samples.
I am hoping to speak at AppSecUS 2010 in September, will be attending DefCon in LV for the first time - hanging with the DC303 Crew, and am submitting to do an ESAPI BootCamp at AppSec DC and AppSec Brasil.
So as you can tell, it has been very busy.
I will begin a new series to test-run for the book called Secure Development Recipes (working title) sometime in the next week or two, so look for those here.
More to come soon! Time now for some sleep!