The confirmation e-mail will contain a GoToWebinar Link - you MUST register there too. You can register day-of but it works better if you register with GoToWebinar right away. We are not able to control the additional registration in GoToWebinar at this time. Thank you for your understanding.
- 1:00 -1:10 Announcements
- 1:10-2:00 Using the browsers built-in firewall: Content Security Policy (CSP)
Speaker: Jeremy Druin
Principal Security Architect, Owner of Ellipsis Information Security. OSCP, GISF, GSEC, GCIH-GOLD, GWAPT-GOLD, GPEN-GOLD, GMOB, GXPN-GOLD, Sec+
Jeremy works as the Principal Security Architect for UPS where he created the application security, bug bounty and penetration testing programs. Jeremy is also the owner of Ellipsis Information Security where he provides security testing services and teaches secure application development and penetration testing courses.
As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on various information security topics along with operating the "webpwnized" YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment.
Jeremy has a Bachelors in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Masters in Computer Science from the University of Louisville and is a GIAC-certified Web Application, Mobile and Network Security Penetration Tester.
Abstract: Content Security Policy (CSP) is a feature of modern browsers that allows developers to approve code and features allowed to run on the web page. CSP is powerful but there are caveats. This presentation covers CSP strengths and limitations along with practical experience in implementing CSP for applications.
Are non-members and guests welcome at meetings and events?
Yes, we welcome individuals at large from the security community to join us for any of our events. We simply ask that, after experiencing the value of our community at two events, individuals consider joining ISSA for the additional benefits that membership provides.
Why do we have to register to attend meetings and events?
Besides assisting the board with planning logistics for our events, registering for meetings and events, provides you with self-service documentation you can print out to support your CPE credits if you are audited.
***Information/image release. By registering for this event, I agree that:
I am allowing my contact information included in the registration to be shared with MN ISSA and I may be contacted by MN ISSA
I grant MN ISSA and/or ISSA International the right to use any candid photos or videos taken during the event in future marketing and communication efforts, to include, but not limited to, websites, brochures, advertisements, magazines, newspapers, newsletters, emails, videos and web conferences.
If this is a joint chapter meeting with another local security organization -or- a sponsor-driven event, my basic information (name, email) will be shared with the other organization.