Sdlc Panel Appsecdc presented at OWASP Appsec 2009

by Dan Dan cornell (Denim Group), Keith Turpin (Boeing), Michael Craigue (DELL), Dennis Hurst (hewlett packard ), Joey Peloquin (FishNet Security),

Tags: Panel


Summary : A discussion of Software Development Life Cycle implementations by industry leading experts.

This panel will be moderated by Pravir Chandra, Leader of the OpenSAMM project.

Dan Dan cornell: Dan Cornell has over twelve years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization's technology team overseeing methodology development and project execution for Denim Group's customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web based software development methodologies. In addition, Dan Cornell performed as the CTO of BrandDefense, architecting and developing their cutting-edge intellectual property protection technologies. Over a one year period of development he brought their web-based intellectual property protection technologies through three major versions, surpassing the applications of well funded and entrenched competitors. Previously he was the Vice President, Global Competency Leader for Rare Medium's Java and Unix competency center, based in San Antonio, Texas with development centers in New York, San Francisco, Atlanta and Sydney, Australia. He directed the development of best practices and policy for the cornerstone of Rare Medium's technical development arm, specializing in server-side Java application development. Prior to its acquisition by Rare Medium, Cornell was a founder and Vice President of Engineering for Atension, Inc. where he led the technical development team and served as the architect for the company's internal engineering practices. In March 1999, Texas Monthly magazine named Cornell and his partners, Sheridan Chambers and Tyson Weihs, to its list of 30 "Multimedia Whizzes Under Thirty" doing business in Texas.

Dennis Hurst: Dennis Hurst is a Senior Security Engineer for HP Software, and heads a team of web application security experts. Prior to HP, Dennis was a Developer Security Evangelist for S.P.I. Dynamics, Inc., acquired by HP in August 2007. Dennis is an expert in system design, implementation and maintenance of complex multi-vendor, multi-platform computer applications and networks. He was the lead developer of SPI Dynamics’ flagship web application vulnerability assessment product, WebInspect™, and now works with other development organizations evangelizing the need to integrate security into the Software Development Lifecycle (SDLC). Dennis is a founding member of the Cloud Security Alliance, and recently co-wrote the application security section of the “Security Guidance for Critical Areas of Focus in Cloud Computing.”