IOActive to Present at Seattle OWASP Meeting

IOActive's security consultants, Walter Pearce and Wade Winright, to discuss best practices for securing web applications

Seattle, Wash—April 15, 2010. IOActive, a leading provider of software assurance, compliance, and smart grid security services, today announced that two of its consultants, Walter Pearce and Wade Winright, will present When Tools Are Not Enough: Best Practices for Securing Web Applications at the Seattle OWASP meeting. OWASP is a nonprofit organization focused on improving the security of application software. Its mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

With demands of regulatory compliance, many organizations look to scanning tools as a solution to examine their web applications. However, it is unwise to expect scanners alone to determine the impact of web application vulnerabilities. This presentation will discuss best practices for web application security, including when and how to use tools in addition to penetration testing.

WHAT  When Tools Are Not Enough: Best Practices for Securing Web Applications

WHERE  Bellevue Las Margaritas, 437 108th Ave NE, Bellevue, WA 98004

WHEN  April 28, 2010. 6:30 pm

HOW  For more information, visit the OWASP website.

About Walter Pearce
Walter Pearce is a senior security consultant at IOActive, experienced in enterprise-level application assessment and consultation. At IOActive he performs penetration testing, identifies system vulnerabilities, and designs custom security solutions for clients in software development, telecommunication, financial service, and professional service industries. Pearce has performed security assessments and IT security support services for many companies in the Fortune 100 including involvement in the largest existing penetration test of a major educational institution. He regularly leads IOActive training courses on numerous topics that include web application security, secure coding in C# and C++, and threat modeling.

About Wade Winright
Wade Winright is a security consultant at IOActive, experienced in network and web application penetration testing , forensics, and incident response. At IOActive he performs vulnerability and enterprise risk assessments of application, systems, and infrastructure in addition to advanced penetration test engagements for clients that include Fortune 100 companies in software development, telecommunications, financial services, and professional services. Winright is a SANS GIAC Certified Incident Handler with a focus on incident handling and hacker tools/techniques.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, router, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

-###-