AUG 27

Holistic Operational Security Bringing Application, Server and Network Security Together



Seminar/trade show (noCPF)




  27 Aug 2014 through 27 Aug 2014


  ONLINE, United States

Website URL:

Sponsoring organization:



  Engineering & Technology > Computer/Informatics, Engineering & Technology > Computer/Informatics

Event description:

Overview: This presentation will be An examination of a modern rails application reviewing application security best practices going through specific rails controls for the application, best practices in deploying and how to integrate application controls, local host and network firewall controls into a self-monitoring, alerting and automated security system. all techniques and tools reviewed are open source and not only freely available but strongly encouraged to use. a short list of technologies that will be reviewed include: rails, nginx, naxsi, rack-attack, brakeman, syslog, fail2ban, ossec and more.. Why should you Attend: Do you have applications on the internet? Have you security the application in addition to the server and network it runs on? Do all components talk together to provide security for the application and your data? This presentation will examine a Ruby on Rails application with integrated security controls and show how to integrate into a holistic operational security system that protects against and responds to threats to the system. Areas Covered in the Session: Application security best practices Server / network security best practices Integrating server / network and application security into holistic security system Who Will Benefit: Application Designers Application Programmers Security Engineers System Administrators Minimal IT/Security management Speaker Profile: David Zendzian has always enjoyed finding, understanding and sharing new things in the natural, mechanical and technical worlds. After attended the college of charleston for computer science, David co-founded the first isp in Charleston in 1994 (a world of difference) and in 1997 created, the first wireless isp in the carolinas. since then David has kept active in technology as a debian developer and participated in several opensource projects (, f.i.r.e and others). He is also the co-founder of bsidescharleston(.com), a community-driven security conference for and by information security community members and is a founder and managing partner with ZZ Servers, a managed IT & Security firm with multi data-centers and offering HIPAA and fully PCI level 1 validated services for small (shared PCI services) to large (dedicated PCI) customers. David was a prior speaker at geekend on application security, and has also presented about ssl talk with brighttalk and did a short firetalk at shmoocon last year .

Posting date:

06 August 2014
731 views | Be the first to rate this event


Not-featured (How do I make my event featured?)