Re: Application Security Training and awareness

[Gary Dobbins <dobbins () ND EDU>]

We were in the process of licensing WebInspect, and a member of their sales-tech team came in and did a couple-hour 
seminar on web vulns.  The audience - once they picked their jaws up from the floor - were very aware now of what could 
be done to apps they would have otherwise presumed fortified.

Perhaps you could leverage a vendor in this way.  To them it's almost a canned presentation, to your audience it may be 
astonishing.



> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade
> Sent: Monday, August 03, 2009 5:01 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Application Security Training and awareness
>
> Hello All,
>
> I am currently leading a Information Security training and awareness initiative
> and was wondering if any of you have or had technical presentations developed
> specifically to target the IT developer community about application security? I
> am planning to include some material from OWASP website.
>
> Thanks,
> Anand
>
>
>
> Anand Malwade
> Information Security Officer,
> Seton Hall University,
> anand.malwade () shu edu
> 973 275 2209