Press Releases
SECURITY INNOVATION EXPERT TO LEAD THREE CLASSES AT
SOFTWARE TEST AND PERFORMANCE CONFERENCE
Joe Basirico to Discuss Major Security Vulnerabilities and Strategies for Designing Secure Web Applications
Wilmington, MA - April 8, 2008 -
Security Innovation (www.securityinnovation.com), the authority on
application security and leading independent provider of risk
assessment, risk mitigation and training services, today announced
Technology and Security Services Manager Joe Basirico will be leading
three different technical classes on April 17, 2008 at the upcoming
STPCon Spring Conference in San Mateo, Calif. The three technical
classes entitled: “Secrets Your Applications Hide,” “Secure Software
Testing and Design” and “Security Testing Lessons Learned” will address
the most difficult problems and most common mistakes of Web application
security.
An estimated 75 percent of Web applications are released with security
vulnerabilities, due largely to the absence of security processes in the
development cycle. In order to produce secure Web applications,
reliability and security must be integrated into every aspect of the
software development lifecycle. For this to happen, developers must
understand quality best practices and understand the vulnerabilities
that often plague applications. Basirico will address these issues,
discussing the vulnerabilities and strategies for designing
applications. He will provide expertise on ways in which organizations
can avoid these vulnerabilities through an appropriate emphasis on
security and reliability throughout the development lifecycle.
For a complete description of each class please visit: http://www.stpcon.com/program.htm.
What: “Secrets Your Applications Hide”
When: Thursday, April 17, 2008; 8:45 a.m. – 9:45 a.m. PDT
What: “Secure Software Testing and Design”
When: Thursday, April 17, 2008; 10:30 a.m. – 11:30 a.m. PDT
What: “Security Testing Lessons Learned”
When: Thursday, April 17, 2008; 2:15 p.m. – 3:15 p.m. PDT
About Joe Basirico
Mr. Basirico has spent the majority of his educational and profession
career studying security and developing tools that assist in the
discovery of security vulnerabilities and general application problems.
His primary responsibility at Security Innovation is to deliver the
company’s Security Training Curriculum to software teams in need of
application security expertise. He has trained developers and testers
from numerous world-class organizations such as Microsoft, HP and EMC.
Mr. Basirico manages the support and documentation of Security
Innovation’s revolutionary fault-injection tool Holodeck and works
closely with the development and product management team on strategic
and tactical development. He is the author and content provider of the
company’s “SI Security Report,” a quarterly intelligence report that
provides an in-depth analysis of the techniques and tools that an
attacker could use to compromise enterprises. Basirico has written
numerous security whitepapers that focus on vulnerabilities at the
source code level, including a detailed 20-page “Static Analysis Tools”
report. Basirico holds a B.S degree in Computer Science from Montana
State University.
About Security Innovation
Security Innovation, Inc. is an independent application security firm
that offers education, risk assessment and risk mitigation solutions to
Fortune/Global 500 and enterprise IT organizations. Leading companies
such as Adobe, Cisco, Fidelity, IBM, ING, HP, Microsoft, Visa, SAP,
Symantec, VeriSign and government agencies, rely on Security
Innovation’s expertise to gain confidence in the security of
applications they build and/or acquire, and facilitate the technology,
process and management change necessary to mitigate security risk. The
company is headquartered in Wilmington, Mass., with offices in
Amsterdam, The Netherlands and Seattle, Wash. For more information about
Security Innovation, visit www.securityinnovation.com or call
+1.978.694.1008.
Contacts
Davida Dinerman or Nicole Slein
Schwartz Communications, Inc.
(781) 684-0770
sisecure@schwartz-pr.com
