After two years of operation of specialization certification, called Concentrations, the (ISC)², next year we have agreed with the agency to start giving courses, specifically and in a pioneering way of ISSMP (focused on Security Management) and ISSAP (focused on Security Architecture).

Given the need for expansion of knowledge and expertise of professionals in IT and security we believe that now the right time to launch this initiative, on which, during 2008 we have noticed a growing interest.

More information about this certifiactions is available at (ISC)² website.

Internet Security Auditors & Telindus UTE managed to obtained approval from the Centre for Telecommunicacions i Tecnologies de la Informació (CTTI) for sublots "Services Deployment Plans for Security and Business Continuity" and "Audit Services ICT "in the new 2008 Framework Agreement. This shows the value of the synergy that has been achieved with Telindus and CTTI staff has considered and shows that, along with others in the industry, placing us among the 15 companies in the field of IT Security in Spain.

Given the relevance of the project "Ciutat WiFi" for the city of Sant Feliu de Llobregat, SIC magazine considered interesting to publish an article in which we present the details of the project.

We hope this new service approach, regulated and controlled, is the beginning of wireless access to citizens without the controversy, that other projects have had for the possibilities of free access that they offer and the competitive situation with telcos which does not allow the law and the CMT (Commission of Telecommunications Market).

You can find the article in our downloads zone.

The OWASP Spain chapter participated in the European meeting which was held in Portugal from Novembre 3rd to 6th in the OWASP Summit Portugal 2008,where the leading experts in secure developing gathered to provide training and to present their and OWASP projects.

Vicente Aguilera, gave a seminar entitled "Web Application Assessments: Reconnaissance and Profiling" focused on auditing techniques to teach security professionals and developers.

You can find the presentation in our downloads zone.

For second time in 2008, a new Meeting of the OWASP Spanish Chapter was celebrated with success similar to the last event, with over 140 registered. In this case, Jesus Olmos, Audit team member gave a technical presentation on "Analysis of Eco" for auditing applications.

You can find this presentation in our downdload zone and all session pictures and presentations in OWASP website.

In 2009, the (ISC)² launches a new certification program called CSSLP (Certified Secure Software Lifecycle Professional) and fills a major gap in security, partly covered by the certifications as ECSP of EC-Council (much more technical and focused to specific technologies), as is the management of security in the full lifecycle software development (SDLC).

Internet Security Auditors will organize one of the first offical preparatory courses for CSSLP certification in Europe during the second half of 2009.

More information about CSSLP certification can be found at (ISC)² website.

On October 1st, the first Gimcana WiFi was organized by the city hall of Sant Feliu de Llobregat in order to inaugurate its new wireless access for citizens which is pioneer in Spain.

This WiFi access is the first to allow access to the network through authentication with digital certificates that are initially issued by CATCert (Catalan Certification) and which may extend to the use of electronic ID card and other

You can obtain more information in Sant Feliu City Hall website .

Four years have passed since our partnership with (ISC)² was launched and since then we have gone from just over 50 certified CISSP in Spain to almost 500. The effort we have developed in the promotion and consolidation of this certification as a requirement almost inexcusable for any security professional or related to it, has made that the world reference agency has granted us the qualification of Education Affiliate Partner.

You can see the worlwide list at (ISC)² website.

During the Technical Conference of the UOC, performed at Universitat Oberta de Catalunya facilities, and broadcast by videoconference in Castelldefels and 22@, we had the opportunity to offer a presentation on the OWASP project and broad aspects of security web development under the title "OWASP Project and Secure Development aspects" through the invitation of the UOC Security Team whom we thank the deference.

Within the framework of one of the most important events in the security sector, Securmática 2008, SIC magazine, presented the award to the OWASP Spanish Chapter in recognition of its efforts in spreading security in web development.

Mor information in SIC magazine website and in OWASP Spanish Chapter website.

Between March 27th and 28th in Barcelona, the VI RedIRIS Security Forumwas held on. It was organized jointly by the CESCA (Supercomputing Centre of Catalonia) and RedIRIS/Red.es. You can find more information on the website of RedIRIS.

On this occasion, Vicente Aguilera gave the presentation titled "OWASP and its contribution to the international community. Security in the relations of confidence.".

You can find in our area of downloads.

If something is unclear at this point is that the OWASP Spanish Chapter is one that has more support in Europe. There are currently more than 260 on the OWASP list for discussion and the Meeting was attended by over 140 security professionals in Spain.

The presentations that were offered can be downloaded from the OWASP Spanish chapter.

From Internet Security Auditors, we congratulate all members of the Spanish chapter and we continue to support initiatives like OWASP and the chapter lead by Vicente Aguilera, a partner of our firm.

Thanks to the good relationship that we have several years with the (ISC)², reference agency global security, which provides, inter alia, the CISSP certification (Certified Information Systems Security Professional), will be in Madrid on 11 and 12 June talking about the benefits of certification security officers.

The next June 17 will participate as sponsors and speakers at the event organized by AKJ Associates in Madrid to treat different aspect of the standard PCI DSS. At this meeting point of reference we will meet with other experts from companies such as Visa, America Express, Cisco, Telefonica, etc.. To bring the experiences of implementing the standard for secure credit card data.

More information in PCI Madrid.

On its #78 issue corresponding to February edition, the SIC magazine published the article written by Miguel Angel Dominguez on the standard that has been revised and has become managed by the PCI SSC. This standard determines the secure developmental requirements which all the electronic payment process involved aplications have to implement: PA-DSS (Payment Application Data Security Standard).

You can find the article in our zone of Downloads.

Continuing with our constant desire to be the latest in all aspects of security, and specifically in the area of training, this year began offering certification courses on Management Service in IT certification and ISO 20000 Lead Auditor Management of the Business Continuity, with certifications BS 25999 Lead Auditor. In addition, we have incorporated into our programme of EC-Council certifications of the current v2 EC-Council Certified Secure Programmer, which covers all aspects of security in application development.