What:
Ashwani Kaul, Vice President, Professional Services and Education for Ounce Labs, will present a session titled 'Accountability in Outsourcing' at the eighth semi-annual Software Assurance Forum sponsored by the Department of Homeland Security Office of Cybersecurity and Communications National Cyber Security Division, Department of Defense Office of the Assistant Secretary of Defense, Identity and Information Assurance and the Department of Commerce National Institute for Standards and Technology Information Technology Laboratory.
Overview:
Although outsourcing application development can provide cost savings, organizations need to consider the additional risks associated with this process. The rise in third-party, offshore development has raised significant questions regarding the security of applications that are being developed offshore and subsequently deployed into a production environment with minimal, or no security testing.
In this session, Mr. Kaul discusses ways to incorporate software assurance into outsourcing contracts, while also requiring a measurable, objective review of the offshore developed applications to reduce liability; support compliance efforts; ensure data integrity; and increase availability and stability of applications. Participants will learn how to develop an outsourcer report card to:
- Most effectively analyze outsourced applications;
- Measure the security of delivered code; and
- Develop baseline metrics to use as security acceptance criteria.
Where:
The conference is being held on May 6-8 at the Sheraton Premiere at Tysons Corner in Vienna, VA
When:
Mr. Kaul will present on Wednesday, May 7th at 3:30 p.m.
Speaker:
Ashwani is the head of Ounce Labs' professional services and education groups and brings a strong technology background in software development and information security, with expertise in the areas of information security, application security, risk management and regulatory compliance. He also has expertise in software development of large, secure, scalable and distributed systems in the Internet/e-Commerce and Client-Server environments.
Prior to joining Ounce Labs, Ashwani was responsible for managing the security practice for CA Inc. for the eastern United States and CA's top global customers. Prior to CA, Ashwani was responsible for developing the application security and HIPAA compliance practices for Ernst and Young LLP and providing trusted advisory services to C-level management at various Fortune 100 companies.
About Ounce Labs, Inc.
Ounce Labs' industry-leading source code analysis solutions enable organizations to analyze their applications to identify, prioritize and eliminate software security vulnerabilities. Ounce delivers the accuracy, immediate time-to-value, and automated workflow that large enterprises demand while helping organizations such as EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Government Accountability Office, Unisys and VeriSign, to strengthen application security and protect confidential information. Ounce also helps organizations to verify compliance with internal policies and industry mandates including PCI DSS, FISMA, HIPAA and others. For more information, please visit www.ouncelabs.com.
# # #
Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Other product or service names mentioned herein are the trademarks of their respective owners.
