Workshop - Holistic Info-Sec for Web Developers - Intense


Four hours of intense hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers better, stay ahead of them and create cost effective defence strategies.

Nov 16, 2016 09:00 AM — 13:00 PM
Wellington, New Zealand

The content is aimed at software engineers to teach them how to think holistically about security. The theme that runs through the training, and the book, is pulling the security focus that’s usually left until the end of the project or “go live” right into each Sprint. Baking security into the product from the cheapest possible place. Thus saving large amounts of money due to re-work and business asset loss. Kim will be teaching attendees a very simple threat modelling process initially blue printed by one of the best security experts the world has known, Bruce Schneier, then how to apply that process to a 10,000′ view and lower for a collection of areas:

Within each Sprint.

A hands on training, taking the attackers perspective and extracting a set of development related processes and practises that can be augmented with your Scrum Teams existing processes and practices, creating minimum disruption and maximum cost effective security. Attendees will be able to take these learnings and apply them within their own Scrum Teams.

Kim Carter
Kim Carter
Technologist / Engineer, Information Security Professional

Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.