Workshop - Holistic Info-Sec for Web Developers


After a successful and productive day at New Zealand’s largest hacker conference, this training is now available for all organisations requiring it.

Dec 9, 2015 09:00 AM — 17:30 PM
Wellington, New Zealand

The content is aimed at software engineers to teach them how to think holistically about security. The theme that runs through the training and the book is pulling the security focus that’s usually left until the end of the project or “go live” right into each Sprint. Baking security into the product from the cheapest possible place. Thus saving large amounts of money due to re-work and business asset loss. Kim will be teaching attendees a very simple threat modelling process initially blue printed by one of the best security experts the world has known, Bruce Schneier, then how to apply that process to a 10,000′ view and lower for a collection of areas: Physical, People, Cloud, VPS, Network and Web Applications within each Sprint.

A hands on training. Emulating the Scrum process and augmenting with the processes and practices as the day progresses. For each of the above areas mentioned, we will be creating Product Backlog Items and a Product Owner facilitating the ordering of them. Attendees will be able to take these learnings and apply them within their own Scrum Teams.

Kim Carter
Kim Carter
Technologist / Engineer, Information Security Professional

Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.