Jon and I had a great day at OWASP AppSec. For a couple of NYC newbs, we’re getting around really well! Starting at 7:30a, we hopped on the subway for the trip to the Park Central Hotel. OWASP is taking very good care of its attendees and we got in and settled easily.

The management training was very informative and challenged how I think about security. Coming from a small SaaS firm, I was in the minority as the training was geared heavily to large organizations. This was excellent because I learned from hardened policies established by industry leading companies. I took a lot away from the group discussions because many large firms had representatives, but I also felt I was able to provide some insightful “grassroots” knowledge and approaches that working with a small organization affords. The training also provided a nice primer on attack styles, best practices to secure them, statistics on vulnerability and business effects, and how to “sell” security. Looking very forward to putting together lessons I learned to enhance how we approach current and future security opportunities.

Jon seems to really dig his defensive training, we’ve been chatting and trading ideas back and forth all night. It will be interesting to see what the second day of his course brings.

Personally, we’ve been having a great time experiencing NYC in our off-time. Had lunch at the Carnegie Deli then took a stroll to Times Square. Got our real NYC pizza fix at Arturo’s for dinner tonight, then strolled around for a couple hours just seeing what there is to see. NYC easily makes you feel very, very small!

Cheers from Chinatown.