[SC-L] win win for owasp and television spots

Boberski, Michael [USA] boberski_michael at bah.com
Fri Jan 22 09:41:24 EST 2010


My #1 rule is to avoid jargon and to speak in as conversational a way as possible, targeting (and retargeting as the conversation progresses) the level of detail/abstraction to the targeted audience, whether it's one person or a bunch. Start broad, then narrow it down, change direction as the flow of the conversation dictates.

E.g.,

Is your application "this" secure (hand gesture) or "T--H--I--S" secure (bigger hand gesture)? This is what application security is all about. Application security can perhaps be thought of in terms of buying, building, and breaking software.........BLAH BLAH..........[buy=OWASP legal project's contract annex, build=OWASP ESAPI, break=OWASP ASVS]......[awareness=OWASP Top 10].......[injecting security into development cycles=OWASP SAMM]...... To explain further, to put all of this together.......While most people are familiar with passwords, and people like to say "firewall!", authentication, encryption and digital signatures, and logging are only the beginning, in terms of application security. Additional technical security controls are necessary to write applications that can (or should) be trusted by the customer not to spill data regardless of environment, from private networks to clouds, given modern-day threats.........BLAH BLAH..........China! Google! .........BLAH BLAH..........

FWIW,

Best,
 
Mike B.

-----Original Message-----
From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org] On Behalf Of Matt Parsons
Sent: Friday, January 22, 2010 5:40 AM
To: 'Secure Code Mailing List'
Subject: Re: [SC-L] win win for owasp and television spots

Ladies and Gentlemen,
I am starting to get approached by a few television stations to talk about application security.  I would like to promote OWASP in these talks.  What would be the best way to do it professionally and competently?

See below news story.   

Thanks,
Matt


http://www.the33tv.com/news/kdaf-password-security-jim,0,3650695.story



Matt Parsons, MSM, CISSP
315-559-3588 Blackberry
817-294-3789 Home office
mailto:mparsons1980 at gmail.com
http://www.parsonsisconsulting.com
http://www.o2-ounceopen.com/o2-power-users/
http://www.linkedin.com/in/parsonsconsulting
http://parsonsisconsulting.blogspot.com/




_______________________________________________
Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________


