The next few days 10 and 11 December shall be the first conference jointly organized by the chapters in Spain and Portugal from the OWASP in what purports to be the referent of security event in development of Southern Europe: IBWAS'09, Iberic Web Application Security Conference 2009.

How could it be otherwise in our continuing support for the nonprofit organization participate in conferences where technical team members have been elected by the committee on some of his presentations, and as sponsors of this event, supporting organizing the event along with other organizations and the International OWASP own, to be held in the facilities of the School of Telecommunications Engineering of the Polytechnic University of Madrid.

More information and registration on the IBWAS 2009 website.

The next 22 and 23 October the ISACA chapter of Valencia organized as each year the National Congress of Audit, Security and IT Governance.

In this event come together eminent personalities from the corporate, institutional and teaching related to Information Technology and Communications. Its objective, the dissemination of knowledge, methodologies, best practices, procedures, standards in the areas of Audit, Control and Governance of Information Technology.

The call for this year made a presentation related to Security in Development compliance applied to PA-DSS standard safety related applications and means of payment products.

Congress information and registration at the congress website.

Red Seguridad magazine in its issue for the month of July 2009 published an article by Miguel Angel Dominguez, Director of Consulting Dept. of Internet Security Auditors , which developed the current trends in the field of certification of Information Security.

Today certification has become a major tool to validate the knowledge of IT security professionals, and although can not replace the professional experience if they are an important reference for industry professionals both technical as at management level.

The article makes a journey through the various existing certifications currently on Information Security (CISA, CISM, CISSP, CSSLP, CE, CHFI, ISO27001 LA, ...), detailing the highlights of each, and the international institute or entity to which they are attached (ISC ², EC-Council, ISACA, BSI, SANS or BCI).

You can find the full article in our Downloads area.

On 1 September they were awarded the prizes awarded annually EC-Council between its official partners. Internet Security Auditors was awarded "Circle of Excellence ATC-2009" thus recognizing the contribution of IsecAuditors to improve overall knowledge of Information Security.

Internet Security Auditors was named the winner among a large group of entities associated with the network training EC-Council Training Partner, and after meeting the strict criteria set by the jury of the awards EC-Council. The award recognizes the commitment and achievements made by Internet Security Auditors in relation to training and awareness in the area of Information Security.

Jay Bavisi, president of EC-Council, congratulated the winners "for their dedication to the Industry of Information Security and achievements", likewise, Jay, said "the work of improving the overall security situation Information held by schools winning trainers".

You can find more info on the training courses offered by Internet Security Auditors in our Training area.

The Colombian Association of Systems Engineers (ACIS) published an article in the magazine number 110 of its systems, in which one member of the consulting team at Internet Security Auditors gives an overview of the main requirements of PCI DSS standard.

After touring the 12 requirements of safety regulations on credit cards, the article focuses on the importance to this rule is the implementation of good management and monitoring of logs and events. The installation of such systems allows, according to the article, prevent, detect, contain, correct and evaluate any threat that affects the information related to credit card data and / or debit card.

You can find the full article in our Downloads area.

For the second consecutive year the Spanish team "Sexy Panda" qualified for the finals "Capture the Flag" of the DefCon 2009, the most important meeting of hackers on the planet. The final of this championship will be held at a luxury hotel in Las Vegas during the month of August and will consist of servers from attack and defend as quickly as possible, trying to outdo other teams of renowned specialists in Information Security from every around the world.

"Capture the Flag" is a kind of contest of "hacking" and Las Vegas DF one is considered one of the toughest in the world. Each team receives an identical server, which includes a number of vulnerabilities. Participating teams must find and exploit security flaws in servers from rival teams, while defending their own.

Several team members "Sexy Panda" are part of the audit team at Internet Security Auditors.

In the edition for the month of June, the SIC magazine, in its section on Projects, includes an article describing a collaboration between Rural Servicios Informáticos (RSI) and Internet Security Auditors.

The project in question involved the design and implementation of a Secure Programming Methodology (METPROGSEC) within what is called S-SDLC (Secure Software Development Lifecycle), associated with SDLC (Secure Development Lifecycle).

The implementation of this methodology began with a design phase and then continue with the awareness and security training in the process of developing its people, being the first two key pieces and fundamental part of the project.

You can find the full article in our Downloads area.

Internet Security Auditors participate in what is to become a series of conferences promoted by the Catalan Agency for Data Protection (APDCat) designed to provide a broad view of security, beyond the LOPD and security of personal information. Awareness and dissemination of security in all its aspects is the key to global security in all companies and organizations, public or private and the goal of APDCat is to promote that philosophy.

In these early days, whose theme will be on the Analysis and Risk Management raises interesting papers, roundtables and workshops so that they can serve as an informative event and mainly trainer.

The event will be held in the magnificent setting of CosmoCaixa in Barcelona on June 9. You can find more information on our website and in the Agencia de Protección de Datos de Cataluña site.

ISACA's chapter of Valencia invited the Director of Audit and Chairman of the OWASP Chapter of Spain to participate in technical conferences last Tuesday 21 April.

During these sessions, Vicente Aguilera gave a lecture, entitled "Building Secure Software and purpose of the Authority, showed the best practices contained in the major security initiatives currently existing software.

Also addressed the need for commitment of the Managing to achieve the successful implementation of these good security practices, and how to justify security investment in the current economic crisis.

You can find the presentation by Vicente Aguilera in our Downloads area.

In the process of excellence and expertise in strategic areas such as security in payment processing, Internet Security Auditors goes a step further and under the strict criteria of the PCI SSC, gets the PA-QSA certification.

This certification, complementing PCI DSS, which certifies companies and their payment processes, allows for third parties and certify products that are used in infrastructure involved in electronic payment processes, both in the physical world (POS, fee collection systems in car parks and highways, ticket machines and tickets, etc..) and virtual (virtual POS, payment gateways, 3D Secure products, etc.).. All products that are used for electronic payment must be certified to work in an increasingly demanding industry.

Internet Security Auditors, as security experts and specialists in the field of security in software development, has brought extensive experience to achieve this certification, which places it as a pioneer in developing security software in Spain and the audit and security consulting.

The next May will be held another edition of the OWASP Spain Chapter Meeting. The what is the fifth edition of this renowned event will be held on 15th of May in the Assembly Hall of the Ateneo Barcelonès.

The president of the Spanish chapter of OWASP, Vicente Aguilera, along with other recognized figures of Information Security, will participate in various presentations and panel discussions.

You can find the detailed agenda of the event on the web OWASP.

In the issue 84, the SIC magazine for the month of April 2009, includes an article that explains the details of implementation of PCI DSS that has made Internet Security Auditors in LocalBilling Solutions Ltd.

LocalBilling Solutions is a service provider focused primarily on the payment process for e-commerce companies. As a provider of such solutions, LocalBilling Solutions collects, stores and transmits payment card data and therefore decided to bet on the implementation of the PCI DSS security standard.

In this deployment, LocalBilling Solutions has enjoyed the support of Internet Security Auditors who has provided advice and support required to successfully implement the projects that have enabled it to achieve compliance with PCI DSS.

You can find the article in our Downloads area.

In the January of Network Security magazine included an interview with Vicente Aguilera, president of the Spanish chapter of the Open Web Application Security Project (OWASP) and partner co-founder of Internet Security Auditors. In this interview, Vicente traces the history of the OWASP since birth internationally back in 2000, through the creation of the Spanish chapter in December 2005 until the present time.

The Spanish chapter president listed the main priorities of this organization and reels off the various activities of the same. Vincent also gives his expert opinion on how open source can help improve the security of information technologies.

You can find the article on our Downloads area.

At number 83, the SIC magazine (Computer and Communications Security), and within their Proposals section, we had the opportunity to describe our Anti-Malware Security Service. This article pinpoints the operation of this service, which has been developed to address this growing malware on trusted sites.

The dynamics of malware attacks and / or trojanizations has evolved, so that sites that are trusted, may have been committed, and be infecting the users themselves without the owners of the websites it becomes known. Against this new way of attack, the AntiMalware Security Service has been created.

You can find the article on our Downloads area.

Within our growing commitment to the coming year we doubled the space of our facilities in Barcelona, where we have two floors in the building where our office is situated. As always since our inception we continue to grow slowly but surely. Our clients require us to do so and this allows us to increase our services, our team and our office facilities.