Presentations

Enterprise Security API (ESAPI) Java (PDF Format) - San Antonio Java User Group, June 3, 2010

Vulnerability Management in an Application Security World (PDF Format) - FROC 2010, June 2, 2010

The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise (PDF Format) - FROC 2010, June 2, 2010

Vulnerability Management in an Application Security World (PDF Format) - OWASP AppSec DC, November 12, 2009

Vulnerability Management in an Application Security World (PDF Format) - OWASP Austin, October 27, 2009

Rolling Out an Enterprise Source Code Review Program (PDF Format) - OWASP San Antonio, October 21, 2009

The Permanent Campaign - Driving Software Security Initiatives in the Enterprise (PDF Format) - ISSA Denver, October 21, 2009

Jump-Start Your Application Security Knowledge: For the Network Security Guy Who Knows Nothing about Applications (PDF Format) - Webinar, October 19, 2009

Securing and Modernizing Applications for Texas State Agencies (PDF Format) - DIR Roundtable in Austin, August 26, 2009

Social Networks & Security: What Your Teenager Likely Won't Tell You (PDF Format) - CSO Roundtable, August 21, 2009

Application Assessment Techniques (PDF Format) - OWASP Northern Virginia, August 6, 2009

Vulnerability Management in an Application Security World (PDF Format) - OWASP DC, August 5, 2009

Building an Organizational Application Security Competency (PDF Format) - RSA Conference in San Francisco, April 24, 2009

What You Don't Know Can Hurt You: Security Professionals and Custom Apps (PDF Format) - RSA Conference in San Francisco, April 24, 2009

Securing SharePoint (PDF Format) - TASSCC Technology Education Conference in Austin, March 26, 2009

Securing Sharepoint (PDF Format) - Texas Regional Infrastructure Security Conference (TRISC) in Austin, March 24, 2009

The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise (PDF Format) - Texas Regional Infrastructure Security Conference (TRISC) in Austin, March 24, 2009

Vulnerability Management in an Application Security World (PDF Format) - OWASP Minneapolis, March 16, 2009

Vulnerability Management in an Application Security World (PDF Format) - SnowFROC, March 5, 2009

Vulnerability Management in an Application Security World (PDF Format) - OWASP Dallas, February 25, 2009

Vulnerability Management in an Application Security World (PDF Format) - OWASP San Antonio, January 29, 2009

Static Analysis Techniques for Testing Application Security (PDF Format) - Houston TechFest, January 24, 2009

Black Box versus White Box: Different App Testing Strategies (PDF Format) - ISSA Minnesota, January 20, 2009

Static Analysis Techniques for Testing Application Security (PDF Format) - OWASP Boulder, August 21, 2008

Static Analysis Techniques for Testing Application Security (PDF Format) - OWASP Denver, August 20, 2008

Augmenting Dynamic Application Security Testing with Static Analysis (PDF Format) - IBM Rational Software Development Conference, June 4, 2008

Application Security: Static Analysis, Dynamic Analysis and How to Use Them Together (PDF Format) - Recent Object-Oriented Trends (ROOTs Conference), Bergen Kongressenter, Norway, April 29, 2008

Securing the SDLC: A Case Study (PDF format) - Texas Regional Infrastructure Security Conference (TRISC), San Antonio, April 22, 2008

Static Analysis Techniques for Testing Application Security (PDF format) - OWASP, Austin, March 25, 2008

Static Analysis Techniques for Testing Application Security (PDF format) - OWASP, San Antonio, January 31, 2008

Threat Modeling for the Masses: Threat Modeling Applied (WMV format) - Part 2 of Webinar Series, November 27th, 2007

Threat Modeling for the Masses: Basic Threat Modeling (WMV format) - Part 1 of Webinar Series, November 13th, 2007

Top Two Application Security Scanner Companies Get Acquired: The Fallout and Industry Reaction (WMV format) - Webinar, September 5th, 2007

Web 2.0 and AJAX Security - OWASP, Montgomery, Alabama, August 21st, 2007

Agile and Secure: Can We Be Both (PDF format) - Association of Information Technology Professionals (AITP), San Antonio, August 15th, 2007

Cross Site Request Forgery (CSRF) (PDF format) - OWASP, Austin, July 31st, 2007

Agile and Secure: Can We Be Both? (PDF format) - OWASP, Chicago, June 20th, 2007

Threat Modeling: A Secure Development Tool for Security Professionals (PDF format) - ISSA, San Diego, June 20th, 2007

Agile and Secure: Can We Be Both? (PDF format) - Java Users Group, Chicago, June 19th, 2007

Agile and Secure: Can We Be Both? (PDF format) - SASPIN, San Antonio, June 13th, 2007

Web 2.0 Security (PDF format) - OWASP, Houston, Texas, June 5, 2007

OWASP Top Ten: Evolution from 2004 to 2007 (PDF format) - Internal Denim Group Briefing

Web 2.0 Security (PDF format) - Web Services Security Conference, Baltimore, Maryland, May 9th, 2007

Web Application Remediation (PDF format) - OWASP San Antonio, March 28th, 2007

Web 2.0 Security (PDF format) - AJAXWorld 2007, New York City, NY, March 21st, 2007

Threat Modeling (PDF format) - OWASP, Austin, Texas, October 31st, 2006

Using Sprajax to Test AJAX Security (PDF format)- OWASP AppSec 2006, Seattle, WA, October 16th, 2006

Agile and Secure: Can We Be Both? (PDF format) - OWASP AppSec 2006, Seattle, WA, October 16th, 2006

Introduction to Web Application Security (PDF format) - Microsoft CSP Roundtable - Houston, Texas, September 13th, 2006

AJAX Security - Here We Go Again (PDF format) - OWASP Austin, Texas, August 29th, 2006

Turning the Battleship - How to Build Secure Software in Large Organizations (PDF format) - ISACA North Dallas, May 11th, 2006

The Second Most Secure Database (PDF format) - ISACA North Dallas, May 11th, 2006

AJAX Security: Here We Go Again (introduces Sprajax, AJAX security assessment tool) (PDF format) - OWASP San Antonio, April 19th, 2006

Business Intelligence: Real ROI Using the Microsoft Business Intelligence Platform (PDF format) - Microsoft Houston Office, Houston, Texas, April 6th, 2006

Building Solutions with SharePoint Technologies (PDF format) - Technology Advocates of San Antonio, March 15th, 2006

An Introduction to Application Security in ASP.NET Environments (PDF format) - Houston .NET User Group, February 23rd, 2006

The Second Most Secure Database (PDF format) - OWASP San Antonio, February 16th, 2006

Data Strategies for Growing Companies: Moving Beyond Access and Excel (PDF format) - Seminar: Data Strategies for Growning Companies, Double Tree Hotel, San Antonio, Texas, November 30th, 2005

Introduction to Application Security (PDF format) - Double Tree Hotel, San Antonio, Texas, November 11th, 2005

Building Solutions with SharePoint Technologies (PDF format) - Sharepoint Seminar, November 4th, 2005
Watch Video

How to Build a Trusted Application (PDF format) - Dallas ISSA, October 20th, 2005

Introduction to Application Security (PDF format) - River Oaks Country Club, Houston, Texas, October 19th, 2005

Building Solutions with SharePoint Technologies (PDF format) - Sharepoint Seminar, August 31st, 2005

Threat Modeling - Categorizing the Nature and Severity of Application Vulnerabilities (PDF format) - OWASP San Antonio, August 18, 2005

Threat Modeling - Categorizing the Nature and Severity of Application Vulnerabilities (PDF format) - Alamo ISSA, August 16th, 2005

An Introduction to Application Security in J2EE Environments (PDF format) - Dallas Java Metroplex Users Group, March 9th, 2005

Application Security and the SDLC (PDF format) - San Antonio Software Process Improvement Network (SA-SPIN) September 8th, 2004

Custom Application Security (PDF format) - ISACA Houston, July 2004

Application Security and the SDLC (PDF format) - San Antonio Software Process Improvement Network (SA-SPIN) June 9th, 2004