Upcoming Events – November 15 

Use this link to register

This month’s discussion will be an interactive conversation about the current best practices in application security, including three major types of application security activities: penetration testing, code review, and architecture/design review. We’ll talk to attendees about which of these activities they typically perform as part of their SDLC, the strengths and weaknesses of each activity, and how all three fit into the overall security strategy of the organization. Bring your own questions about application security, whether they are about in-house development or third-party software–and we will also have some questions for the audience about the level of security that is being built into their SDLC.

The discussion will be led by Daniel Ramsbrock, who has been in the security field for over 10 years, with most of that time focused on application security. After three years at CapTech Ventures, he spent two years as a full-time consultant with Cigital, where he performed a variety of security activities, including code review/remediation, application penetration testing, and secure architecture reviews. Since 2014, he has been doing independent application security consulting through his Glen Allen-based company, Enigma Technologies, where he works with Cigital and several other partner firms on a variety of projects.

Chapter Overview

The Central Virginia Chapter of ISSA was founded in 2006 and is part of the national Information Systems Security Association (ISSA) (http://www.issa.org). The ISSA has more than 13,000 individual members and more than 100 chapters around the world. ISSA is the largest international, not-for-profit association for information security professionals. It provides educational forums, information resources and peer interaction opportunities to enhance the knowledge, skill and professional growth of its members. ISSA works closely with other industry organizations such as (ISC)2, ASIS, and ISACA.

The Central Virginia ISSA offers annual CISSP training from experienced and practicing Information Security Experts.

We also conduct monthly meetings on a wide variety of Information Security Topics provided by some of the most knowledgeable security professionals in the field.  Our monthly meetings at Mekong.  These meetings provide Continuing Education Credits for CISSPs and are open to ISSA Members and Non-Members.