West Coast Security Forum: Identity Management Theme

Last year I spoke at the West Coast Security Forum and awarded the Best Presenter Award.  I was happy to be invited back and speak at this West Coast Security Forum, on Threat Modeling: Improving the Application Lifecycle on November 14, 2005 in Vancouver BC.  http://www.wcsf.com  Personally, this is one of my favorite Security topics as this reinforces the issue that Security is a process and not a product.  Threat modeling ties nicely into the Applicaiton Lifecylce and effectively using tools to assist with Security and pinpoint areas that requires Code Security Review.  Without a methodology in place, code security reviews would be extremely diffcult to do when you have ten thousands line of codes.  You require a process that will highlight the areas in your applicaiton that requires a Code Security Review.

This year the theme will be on Identity Management which is quickly becoming a major concern in the IT industry.  A good look at Microsoft approach to Identity Management can be found on my colleague--Ryan Storgaard--blog.  http://blogs.msdn.com/stoey/archive/2005/07/08/436934.aspx

Hope to see everyone at this year West Coast Security Forum.  Please drop by the Microsoft exhibitor booth and say hello.