Evaluation of the Heifer International Medium and Small Enterprises Programme...copppldsecretariat
This Medium and Small Enterprises Programme report is an evaluation of the successes of these programmes in target areas in Coast and Rift Valley. It outlines the target procedures and encompasses interviews with project participants. The evaluation report also highlights the faults and challenges encountered in the implementation of the programmes and suggests possible remedies.
[ Originally posted on http://www.cop-ppld.net/cop_knowledge_base ]
The security of an application is a continuous struggle between solid proactive controls and quality in SDLC versus human weakness and resource restrictions. As the pentester's experience confirms, unfortunatelly even in high-risk (e.g. banking) applications, developed by recognized vendors, the latter often wins - and we end up with critical vulnerabilities.
One of the primary reasons is lack of mechanisms enforcing secure code by default, as opposed to manual adding security per each function. Whenever the secure configuration is not default, there will almost inevitably be bugs, especially in complex systems. I will pinpoint what should be taken into consideration in the architecture and design process of the application. I will show solutions that impose security in ways difficult to circumvent unintentionally by creative developers. I will also share with the audience the pentester's (=attacker's) perspective, and a few clever tricks that made the pentest (=attack) painful, or just rendered the scenarios irrelevant.
Developing GeoGames for Education with Kinect and Android for ArcGIS RuntimeGabriel Moreira
This presentation is about Where Is That, a game developed for geography and history education. There are two versions, one for Android, available on Google Play, and the other for Windows.
Evaluation of the Heifer International Medium and Small Enterprises Programme...copppldsecretariat
This Medium and Small Enterprises Programme report is an evaluation of the successes of these programmes in target areas in Coast and Rift Valley. It outlines the target procedures and encompasses interviews with project participants. The evaluation report also highlights the faults and challenges encountered in the implementation of the programmes and suggests possible remedies.
[ Originally posted on http://www.cop-ppld.net/cop_knowledge_base ]
The security of an application is a continuous struggle between solid proactive controls and quality in SDLC versus human weakness and resource restrictions. As the pentester's experience confirms, unfortunatelly even in high-risk (e.g. banking) applications, developed by recognized vendors, the latter often wins - and we end up with critical vulnerabilities.
One of the primary reasons is lack of mechanisms enforcing secure code by default, as opposed to manual adding security per each function. Whenever the secure configuration is not default, there will almost inevitably be bugs, especially in complex systems. I will pinpoint what should be taken into consideration in the architecture and design process of the application. I will show solutions that impose security in ways difficult to circumvent unintentionally by creative developers. I will also share with the audience the pentester's (=attacker's) perspective, and a few clever tricks that made the pentest (=attack) painful, or just rendered the scenarios irrelevant.
Developing GeoGames for Education with Kinect and Android for ArcGIS RuntimeGabriel Moreira
This presentation is about Where Is That, a game developed for geography and history education. There are two versions, one for Android, available on Google Play, and the other for Windows.