AppSec Brazil 2011, an event sponsored by Elipse Software in Porto Alegre, discussed best practices and solutions to prevent Internet attacks
Figure 1. Meeting organized by OWASP has brought together the top experts in the industry
On days 4-7 October, the city of Porto Alegre hosted AppSec Brazil 2011, a meeting of Latin American leaders in the field of Information Security, sponsored by the Brazilian company Elipse Software. Organized by OWASP, an international community bringing together leading experts on the subject, the event attracted about 250 people, including professionals, and teachers and students at the Pontifical Catholic University of Rio Grande do Sul (PUCRS).
Throughout the four-day meeting, participants were able to attend a series of trainings and conferences with big names in the industry.Chris Evans, leader of the team responsible for developing security systems for Google Chrome, and Bryan Sullivan, senior security researcher at Adobe Systems, with passages by HP and Microsoft, were among the speakers.
With a degree in Computer Science from PUCRS in 1997, and now working as Senior Manager of Product Security Group at Symantec, a company acknowledged worldwide for helping customers protect their data and systems, Cassio Goldschmidt was one of those responsible for organizing the AppSec Brazil. Committee member of OWASP world, Goldschmidt said he had been impressed by the large number of students enrolled in courses offered in this edition, which was the third one being promoted in Brazil.
"This edition was sensational. The total amount of people enrolled in Brazil for AppSec 2011 was not only higher than the total enrolled in the two previous editions held in the country (the first in the Chamber of Deputies, in Brasilia, and the second at CPqD in Campinas), but also than the total amount of people enrolled in courses offered in some meetings in the United States and Europe. This only comes to prove the increased interest on the part of the Brazilian and Latin American markets to acquire more knowledge about security systems", he said.
Asked about the importance of Elipse's participation in this event, Goldschmidt responded directly and succinctly.
"Certainly, Elipse Software is above the curve when compared to other companies because they have noticed that hacker attacks are not restricted to banks and security firms, but also to automation companies."
Dinis Cruz, senior security engineer at Security Innovation, a company based in London, says that, unlike Elipse, most companies worry about hiring a professional in cybersecurity only after being attacked. This culture, he said, still prevails in Brazil and abroad, but that has slowly been changing thanks to the support of organizations such as OWASP.
"We need to make all companies see that having a team of security professionals is as important as having a team of programmers. A professional that is able to list the vulnerabilities of your application or system, and from that list, say what action should be taken to avoid creating any problems before they happen", he advises.
This cultural change is also being gradually adopted by the Brazilian federal government. Legislative Analyst at the Center for Computing Science of the House of Representatives, Lucas Ferreira de Carvalho reveals that actions are being taken towards not only strengthening national security, but also encouraging the creation of knowledge to create solutions and services to be shared with the market.
"Currently, the government is setting up a Cyber Defense Centre, an organization that will act in the national army. Although it may seem an initiative with a more military bias, this project will cause companies and universities involved in it to develop products and services that, once created, can be marketed. That’s the idea, to make the creation of the Defense Center stimulate the development of technologies and services with the most diverse application areas", said the analyst.
"It has to work. Nowadays, you cannot live without it", he added, pointing to the importance of Brazil have defense mechanisms against Internet attacks.
For more information about AppSec Brazil 2011, visit the website.