{{Chapter Template|chaptername=Denver|extra=Chapter leader is Andy Lewis (many thanks to David Campbell for past leadership). |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-denver|emailarchives=http://lists.owasp.org/pipermail/owasp-denver}}

==== Local News ====

=====Next Chapter Meeting: [http://dowasp20120118.eventbrite.com RSVP Now!]=====
Denver January 2012 meeting: January 18th, 2012: Greg Knaddison [http://2011.badcamp.net/program/sessions/how-does-drupal-security-stack "How Does Drupal Security Stack up?"]

* [http://dowasp20120118.eventbrite.com RSVP Now!]

====New Chapter Board of Directors!====
Here's the team that's putting it all together:
* Chairman/Chapter Leader - Andy Lewis
* Vice Chairman - Steve Kosten
* Communications Chairman - Craig Klosterman
* Comm Vice-Chair - Alan Darien
* Outreach & Education Chair - James Synovec
* Outreach & Education Vice Chair - Brad Carvalho
* FROC Chair - Kathy Thaxton

NOTE: THIS WIKI IS USUALLY TERRIBLY OUT OF DATE. PLEASE FOLLOW @OWASP303 ON TWITTER AND/OR [http://lists.owasp.org/mailman/listinfo/owasp-denver SUBSCRIBE TO THE MAILING LIST]



=====OWASP Podcast=====
[http://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast]

=====Wassup with Boulder???=====
Boulder is presently leaderless. We hope that by moving the Denver meetings up north several miles that we can lure more of the Boulder folks to come join us in our new setup close to downtown Denver. If you're interested in taking over the Boulder chapter please let us know!

<paypal>Denver</paypal>
<hr>

==Questions, Comments==
Questions can be directed to

*Andy Lewis, Denver OWASP: alewis 'at' owasp.org

<hr>

==== Chapter Meetings ====

== Future Meetings ==

[[Denver Feb 2012 meeting | DenverOWASP201202]] - stay tuned...

[https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2012 SNOWFROC 2012 ] March 22d at the Tivoli!



== Past Meetings ==
[[Denver January 2010 meeting|January 20th 2010: John Evans: Greg Knaddison [http://2011.badcamp.net/program/sessions/how-does-drupal-security-stack "How Does Drupal Security Stack up?"]]

[[Denver September 2011 meeting|September 14th 2011: Chris Schmidt "OWASP ESAPI"]]

[[Denver March 2011 meeting|March 17th 2011: Hands on "Hack a Thon"]]

[[Denver September 2010 meeting|September 22nd 2010: Eric Duprey: Application Vulnerability Shooting Gallery]]

[[Denver August 2010 meeting|August 18th 2010: Clint Pollock: Protecting Your Applications from Backdoors]]

[[Front_Range_OWASP_Conference_2010|June 2nd 2010: Front Range OWASP Conference]]

[[Denver January 2010 meeting|January 20th 2010: John Evans: Securing Webapps: An Illustrative Overview]]

[[Denver November 2009 meeting|November 18th 2009: Anton Rager: Advanced XSS]]

[[Denver August 2009 meeting|August 27th 2009: Jon Rose: Security in the Clouds]]

[[Denver May 2009 meeting|May 2009: Dr. Joseph McComb & and Daniel Weiske: Compliance and application security testing]]

[[Front_Range_OWASP_Conference_2009|March 2009: Front Range OWASP Conference (SnowFROC)]]

[[Denver January 2009 meeting|January 2009: David Campbell & Eric Duprey: Guided Tour: AppSec NYC '08 CTF]]

[[Denver October 2008 meeting|October 2008: Alex Smolen: The OWASP ASP .NET ESAPI]]

[[Denver September 2008 meeting|September 2008: John Dickson: Black Box vs. White Box: Different App Testing Strategies]]

[[Denver August 2008 meeting|August 2008: Dan Cornell: Static Analysis]]

[[Denver July 2008 meeting|July 2008: David Byrne & Eric Duprey: Grendel-Scan]]

[[Front Range OWASP Conference|June 2008: Front Range OWASP Conference: Jeremiah Grossman, Robert Hansen, and more!]]

[[Denver May 2008 meeting|May 2008: David Campbell & Eric Duprey: XSS Attacks & Defenses]]

[[Denver April 2008 meeting|April 2008: Ryan Barnett: Virtual Patching with ModSecurity]]

[[Denver February 2008 meeting|February 2008: Michael Sutton: SQL Injection Revisited]]

[[Denver June 2007 meeting|June 2007]]

[[Denver April 2007 meeting|April 2007]]

[[Denver February 2007 meeting|February 2007]]

[[Denver January 2007 meeting|January 2007]]

[[Denver November 2006 meeting|November 2006]]

==[[Related_Organizations|Local Organizations of Interest]]==

==== Mailing List ====
Join the [http://lists.owasp.org/mailman/listinfo/owasp-denver OWASP Denver Mailing List] to receive meeting notifications via email

==== Twitter Feed @owasp303 ====
Denver OWASP has created a [http://twitter.com/owasp303 Twitter feed @owasp303] to keep you in the loop. Whilst the mailing list is primarily intended to be low-traffic and only provide updates regarding the times, locations, and topics for chapter meetings, the Twitter feed will also provide noteworthy appsec updates.

{|
|-
| style="border: 1px solid rgb(204, 204, 204); width: 100%; font-size: 95%; color: rgb(0, 0, 0); background-color: rgb(236, 236, 236);" |

'''@OWASP303 Twitter Feed ([http://twitter.com/OWASP303 follow us on Twitter!])'''
<twitter>55021150</twitter>

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" |
|}

====Resources====

=====Denver OWASP Chapter Leaders=====
*Andy Lewis, Denver OWASP: alewis 'at' owasp.org

=====Key OWASP Resources=====
* http://www.owasp.org/images/4/41/ASVS_One_Page_Handout.pdf
* http://www.owasp.org/images/3/31/ESAPI_One_Page_Handout.pdf
* http://www.owasp.org/images/a/a1/Legal_One_Page_Handout.pdf
*
* http://www.owasp.org/images/a/a3/How_ESAPI_Works.pdf
* http://www.owasp.org/images/a/ac/LAMP_Should_be_Spelled_LAMPE.pdf
* http://www.owasp.org/images/0/01/Getting_started_designing_for_a_level_of_assurance.pdf
*
* http://www.owasp.org/index.php/Agile_Software_Development:_Don%27t_Forget_EVIL_User_Stories
* http://www.owasp.org/index.php/Man_vs._Code
*
* http://www.owasp.org/images/4/4e/OWASP_ASVS_2009_Web_App_Std_Release.pdf
*
* http://www.owasp.org/images/c/cd/PHP-ESAPI_1.0a_install.pdf
* http://www.owasp.org/images/6/67/PHP-ESAPI_1.0a_ReleaseNotes.pdf

=====Chapter Management Links=====

[[Chapter SOPs|Denver OWASP Chapter SOPs]]
__NOTOC__
<headertabs/>
[[Category:OWASP Chapter]]
[[Category:Colorado]]

Denver Feb 2012 meeting

2012-01-25T21:55:45Z

Craig Klosterman:

=Denver OWASP Meeting Feb 2012=
February's topic is a walkthrough of key OWASP projects:

#Intro to OWASP Projects
* How do they work?
* How do I participate? If something's missing, can I add it?
* What if I want to start one?

# Life Cycle (of particular value to Architects, Managers, and Project Managers)
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API ESAPIs]
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model Software Assurance Maturity Model]
* [https://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project Source Code Review Project]
* [https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project AppSec FAQ Project]
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project] (Outsourcing/offshoring?)

# Noteworthy Projects for Testers/QA teams
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project WEBGOAT!]
* [https://www.owasp.org/index.php/Category:OWASP_Testing_Project OWASP Testing Project]
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy Project]

# Noteworthy Projects for DEFENDING your apps

Return to [https://www.owasp.org/index.php/Denver Denver OWASP main page]