This year we’ll be returning to RSA to deliver a couple of 1 day training classes: application security hands on and database security hands on. Both are introductory courses that aim to get students ramped up quickly on these important topics. Know anyone who’s interested?

Come check us out at OWASP DC. We’ll be speaking on the Security Analysis of Core J2EE Patterns and teaching classes on Threat Model Express and Java Source Code Review

We’re happy to announce that our Security Analysis of the J2EE Core Patterns is now officially an OWASP project! I’ll be the project leader and look forward to getting your input on constantly improving this doc. Thanks to everyone who has supported us in this effort thus far!