https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Dmitry+DessiatnikovOWASP - User contributions [en]2026-06-02T02:55:27ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=242216Salt Lake City2018-08-02T03:52:51Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday February 1st, 2018 in conjunction with UtahSec */</p>
<hr />
<div>Welcome to the Salt Lake chapter homepage. The chapter leader is [Mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov] <br />
<br />
'''[http://lists.owasp.org/mailman/listinfo/owasp-salt_lake Click here] to join the local chapter mailing list.'''<br />
<br />
== ''The next meeting is scheduled for Thursday August 2nd, 2018 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 2, 2018'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801 labs 353 east 200 south suite #B'''<br />
<br />
'''Salt Lake City, UT''' <br />
<br />
'''''Meeting Agenda:'''''<br />
<br />
Richard Ullrich - Cybersecurity Career Developmen<br />
<br />
Alan Jex - will also be talking about careers in Cybersecurity<br />
<br />
'''''Everyone is welcome to join us at our chapter meetings'''''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software Assurance Maturity Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=237198Salt Lake City2018-02-01T05:35:32Z<p>Dmitry Dessiatnikov: /* Past Meetings */</p>
<hr />
<div>Welcome to the Salt Lake chapter homepage. The chapter leader is [Mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov] <br />
<br />
'''[http://lists.owasp.org/mailman/listinfo/owasp-salt_lake Click here] to join the local chapter mailing list.'''<br />
<br />
== ''The next meeting is scheduled for Thursday February 1st, 2018 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday February 1st, 2018'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801 labs 353 east 200 south suite #B'''<br />
<br />
'''Salt Lake City, UT''' <br />
<br />
'''''Meeting Agenda:'''''<br />
<br />
'''- Chris Hopkins (Hydroplane):'''<br />
<br />
'''- Packet Squirrel (Hands On)'''<br />
<br />
'''- Dean Sapp: Next-Gen Endpoint Security'''<br />
<br />
'''''Everyone is welcome to join us at our chapter meetings'''''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software Assurance Maturity Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=229917Salt Lake City2017-05-23T04:42:11Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday June 1st, 2017 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday June 1st, 2017'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''CB106 on the UVU campus in Orem'''<br />
<br />
'''''Presentation:'''''<br />
<br />
'''Dmitry Dessiatnikov from Security Aim will present on the topic: "What’s new in 2017 OWASP Top 10 Application Security Risks – a view from the tranches".''' <br />
<br />
'''We will discuss the changes in the proposed 2017 OWASP Top 10 risks list and how they reflect the constantly changing threat landscape of applications as seen from the perspective of an application penetration tester.'''<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=229353Salt Lake City2017-05-03T02:51:06Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday January 5th, 2017 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday May 4th, 2017 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday May 4th, 2017'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801 Labs'''<br />
<br />
'''353 East 200 South Suite #B'''<br />
<br />
'''Salt Lake City, UT 84111'''<br />
<br />
<br />
<br />
'''''Presentations:'''''<br />
<br />
'''''"Jon Jarvis from SecureUtah.org will be presenting on data privacy and surveillance capitalism.'''''"<br />
<br />
'''''"Presenter from 801 Labs"'''''<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=224644Salt Lake City2017-01-02T02:21:33Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday January 5th, 2017 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday January 5th, 2017'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Presentations:'''''<br />
<br />
'''''"ISACA is presenting first.'''''"<br />
<br />
'''''"Followed by OWASP: How to integrate security into Agile SDLC using OWASP Application Security Verification Standard and how data is exfiltrated out of your web applications "'''''<br />
<br />
'''By Dmitry Dessiatnikov of Security Aim'''<br />
<br />
'''''Agenda: '''''<br />
<br />
OWASP Top 10 awareness document debuted in 2003, but it only covers top 10 risks, what about #11? Now in 2017 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is an introductory presentation about what OWASP ASVS is and how to use it to integrate security into the aspects of Agile software development process. Such activities as definition of security-focused user stories, both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into the early phases of the Agile software development process to address the risks of security bugs pushed to production during frequent releases.<br />
<br />
As a bonus we will discuss a Same Origin Policy bypass that allows data exfultration that most applications are not protected from.<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=223765Salt Lake City2016-12-01T02:46:15Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday December 1, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday December 1, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''801Labs Hackerspace @ 353 East 200 South Suite #B Salt Lake City, UT 84111"<br />
<br />
<br />
'''''Agenda: First we’ll hear from Justin Searle, and then we’ll plan out the meeting schedule for 2017.'''<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=223764Salt Lake City2016-12-01T02:45:58Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday December 1, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday December 1, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''801Labs Hackerspace @ 353 East 200 South Suite #B Salt Lake City, UT 84111"<br />
<br />
<br />
'''''Agenda: First we’ll hear from Justin Searle, and then we’ll plan out the meeting schedule for 2017.''''<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=223763Salt Lake City2016-12-01T02:45:08Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday December 1, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday December 1, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''801Labs Hackerspace @ 353 East 200 South Suite #B Salt Lake City, UT 84111"<br />
<br />
<br />
'''''Agenda: First we’ll hear from Justin Searle, and then we’ll plan out the meeting schedule for 2017.''''"<br />
<br />
''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=222984Salt Lake City2016-11-03T08:49:16Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday November 3, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday November 3, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''UVU, in room CB 106. Parking is free after 5, and there should be parking in L3/L4/L5/L6.''<br />
<br />
'''''Agenda: Troy Jessop of UtahSaint and SaintCon fame will be our first presenter. We’ll then have a presenter representing DC801''''' <br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=220915Salt Lake City2016-09-01T03:19:52Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday September 1, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday September 1, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''801 Labs<br />
353 East 200 South Suite #B<br />
Salt Lake City, UT 84111''<br />
<br />
'''''Agenda: machine learning applied to cyber security''''' <br />
<br />
'''''Presenter: Justin Searle, UtiliSec''''' <br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=220322Salt Lake City2016-08-10T23:05:14Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''10876 S River Front Pkwy #500, South Jordan, UT 84095''<br />
<br />
"Enter the main lobby, and take the elevator to the fifth floor. Enter<br />
the glass doors and head up the stairs. At the top of the stairs,<br />
head straight past the cubicles and offices. You’ll see the open area<br />
where we’ll be meeting. Signs will be put up to help out as well."<br />
<br />
<br />
'''''Agenda: Recap of BlackHat and DEFCON''''' <br />
<br />
'''''Presenter: Justin Searle, UtiliSec''''' <br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218792Salt Lake City2016-07-11T05:07:47Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov, Security Aim''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is an introductory presentation about what OWASP ASVS is and how to use it to integrate security into the aspects of Agile software development process. Such activities as definition of security-focused user stories, both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into the early phases of the Agile software development process to address the risks of security bugs pushed to production during frequent releases.'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218791Salt Lake City2016-07-11T05:06:32Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov, Security Aim''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is an introductory presentation about what OWASP ASVS is and how to use it to integrate security into the aspects of Agile software development process. Such activities as definition of security-focused user stories, both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into early phases of the Agile software development process to address the risks of security bugs pushed to production during frequent releases.'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218790Salt Lake City2016-07-11T04:58:30Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov, Security Aim''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is introductory presentation about integrating security in the aspects of Agile software development process by utilizing OWASP ASVS. Such activities as definition of security-focused epics, user stories and both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into early phases of the Agile software development process with the goal of defending applications and data.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218789Salt Lake City2016-07-11T04:58:15Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov of Security Aim''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is introductory presentation about integrating security in the aspects of Agile software development process by utilizing OWASP ASVS. Such activities as definition of security-focused epics, user stories and both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into early phases of the Agile software development process with the goal of defending applications and data.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218788Salt Lake City2016-07-11T04:56:18Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.<br />
<br />
This is introductory presentation about integrating security in the aspects of Agile software development process by utilizing OWASP ASVS. Such activities as definition of security-focused epics, user stories and both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into early phases of the Agile software development process with the goal of defending applications and data.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218787Salt Lake City2016-07-11T04:53:40Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday August 11, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov''''' <br />
<br />
'''''Abstract: <br />
<br />
OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Meet OWASP Application Security Verification Standard (ASVS).<br />
<br />
This is introductory presentation about integrating security in the aspects of Agile software development process by utilizing OWASP ASVS. Such activities as definition of security-focused epics, user stories and both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into early phases of the Agile software development process with the goal of defending applications and data.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=218786Salt Lake City2016-07-11T04:42:20Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday June 2nd, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday August 11, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday August 11, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''Workfront, 3301 N Thanksgiving Way #100, Lehi, UT 84043''<br />
<br />
<br />
'''''Agenda: Beyond OWASP Top 10, meet OWASP Top 155 or Application Security Verification Standard (ASVS) and how to integrate it into Agile SDLC''''' <br />
<br />
'''''Presenter: Dmitry Dessiatnikov''''' <br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=217521Salt Lake City2016-06-01T14:14:23Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday June 2nd, 2016 in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday June 2nd, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday June 2nd, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
''801Labs, 353 E 200 S, Salt Lake City, UT 84111''<br />
<br />
<br />
'''''Agenda: Lawrence Davis will be representing ISACA and will present on SQLi. ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=217520Salt Lake City2016-06-01T14:14:06Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday April 7th in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday June 2nd, 2016 in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday June 2nd, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801Labs, 353 E 200 S, Salt Lake City, UT 84111''<br />
<br />
<br />
'''''Agenda: Lawrence Davis will be representing ISACA and will present on SQLi. ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=217519Salt Lake City2016-06-01T14:13:46Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday April 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday June 2nd, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801Labs, 353 E 200 S, Salt Lake City, UT 84111''<br />
<br />
<br />
'''''Agenda: Lawrence Davis will be representing ISACA and will present on SQLi. ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=212487Salt Lake City2016-04-05T08:08:47Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday April 7th in conjunction with UtahSec */</p>
<hr />
<div>== ''The next meeting is scheduled for Thursday April 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday April 7th, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton office: 3740 W Market Center Dr, Riverton, UT 84065'''<br />
<br />
<br />
'''''Agenda: Lawrence Davis will be representing ISACA and will present on SQLi, and Cameron Morris will represent OWASP and will present on OAuth and OpenID services. ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=212486Salt Lake City2016-04-05T08:08:02Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>== ''The next meeting is scheduled for Thursday April 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday April 7th, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton office: 3740 W Market Center Dr, Riverton, UT 84065'''<br />
<br />
<br />
'''''Agenda: Lawrence Davis will be representing ISACA and will present on SQLi, and Cameron Morris will represent OWASP and will present on OAuth and OpenID services. ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
'''''Agenda: Lance Buttars (Nemus) presenting on Web Application Firewalls and mod_security ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=210258Salt Lake City2016-03-02T03:53:20Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, Thursday March 3rd in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday March 3rd in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday March 3rd, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801Labs 353 E 200 S, Salt Lake City, UT 84111'''<br />
<br />
<br />
'''''Agenda: Lance Buttars (Nemus) presenting on Web Application Firewalls and mod_security ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=210257Salt Lake City2016-03-02T03:52:02Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, February 4th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, Thursday March 3rd in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Thursday March 3rd, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''801Labs 353 E 200 S, Salt Lake City, UT 84111'''<br />
<br />
<br />
'''''Agenda: Lance Buttars (Nemus) presenting on Web Application Firewalls and mod_security ''''' <br />
<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=207749Salt Lake City2016-01-31T18:39:06Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, February 4th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Feb 4th, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''WorkFront 3301 Thanksgiving Way #100, Lehi'''<br />
<br />
<br />
'''''Agenda: Brandon Greenwood, Director of IT Security and Compliance for Overstock.com, representing Utah Snort User Group ''''' <br />
<br />
'''Pizza will be provided by WorkFront'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=205820Salt Lake City2016-01-05T04:20:44Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, January 7th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, January 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Jan 7th, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: Special Agent Mark Roberts presenting “FBI Threat Briefing”.''''' <br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=205745Salt Lake City2016-01-03T18:42:45Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, January 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Jan 7th, 2016'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda:''''' UtahSec - ISSA and Infraguard<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=203001Salt Lake City2015-11-03T07:27:11Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, November 5th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, November 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Nov 5th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda:''''' Troy Jessup, organizer for SaintCon will give us a post-mortem on the event<br />
and tell us what worked and what will be changed for next year.<br />
<br />
Then we’ll hear from David Harvey, Principal Consultant at Cigital,<br />
representing the Salt Lake OWASP chapter, who will speak to us on Mobile<br />
Application Thread Modeling.<br />
<br />
As a bonus, David’s company is going to supply pizza for us.<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=203000Salt Lake City2015-11-03T07:26:24Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, Sep 3rd in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, November 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Nov 5th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: Troy Jessup, organizer for SaintCon will give us a post-mortem on the event<br />
and tell us what worked and what will be changed for next year.<br />
<br />
Then we’ll hear from David Harvey, Principal Consultant at Cigital,<br />
representing the Salt Lake OWASP chapter, who will speak to us on Mobile<br />
Application Thread Modeling.<br />
<br />
As a bonus, David’s company is going to supply pizza for us.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=200051Salt Lake City2015-09-04T02:24:41Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, Sep 3rd in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, Sep 3rd in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' Sep 3rd, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: "Malware Techniques" presentation by Lee Christensen.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=199045Salt Lake City2015-08-13T03:47:02Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, August 13th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, May 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' August 13th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: "What your momma didn’t teach you about injection" presentation by David Hazar.'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=194443Salt Lake City2015-05-05T02:55:09Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, May 7th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, May 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' May 7th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: "OAuth and Open-ID-Connect" presentation by Cameron Morris.'''''<br />
<br />
'''''Abstract: In 2014 Eran Hammer removed himself from the OAuth 2.0 spec that he helped create. He complained that the simple protocol had been converted into complex framework that will likely lead to security vulnerabilities. Despite his warning, the industry has marched forward with OAuth 2.0 and OpenID-Connect. In this discussion we'll dissect OAuth 2.0 and OpenID Connect enough help expose some common pitfalls and what to look for in a flawed implementation.<br />
'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=194442Salt Lake City2015-05-05T02:54:46Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, May 7th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, May 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' May 7th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: "OAuth and Open-ID-Connect" presentation by Cameron Morris.'''''<br />
<br />
'''''Abstract: In 2014 Eran Hammer removed himself from the OAuth 2.0 spec that he helped create. He complained that the simple protocol had been converted into complex framework that will likely lead to security vulnerabilities. Despite his warning, the industry has marched forward with OAuth 2.0 and OpenID-Connect. In this discussion we'll dissect OAuth 2.0 and OpenID Connect enough help expose some common pitfalls and what to look for in a flawed implementation."<br />
'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=194441Salt Lake City2015-05-05T02:53:38Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, January 8th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, May 7th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' May 7th, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: "OAuth and Open-ID-Connect" presentation by Cameron Morris. Abstract: In 2014 Eran Hammer removed himself from the OAuth 2.0 spec that he helped create. He complained that the simple protocol had been converted into complex framework that will likely lead to security vulnerabilities. Despite his warning, the industry has marched forward with OAuth 2.0 and OpenID-Connect. In this discussion we'll dissect OAuth 2.0 and OpenID Connect enough help expose some common pitfalls and what to look for in a flawed implementation."<br />
'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=187676Salt Lake City2015-01-06T23:22:20Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, January 8th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, January 8th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' January 8, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: Planning Meeting for 2015 and presentation by David Hazar "What your momma didn't teach you about cross-domain security"<br />
'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=187516Salt Lake City2015-01-05T03:38:29Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, January 8th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, January 8th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' January 8, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Agenda: Planning Meeting for 2015'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=187515Salt Lake City2015-01-05T03:37:28Z<p>Dmitry Dessiatnikov: /* The next meeting is scheduled for Thursday, January 8th in conjunction with UtahSec */</p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, January 8th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' January 8, 2015'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
'''(Inform security guard at the front desk that you are attending OWASP)'''<br />
<br />
<br />
'''''Planning Meeting for 2015'''''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=177911Salt Lake City2014-07-02T03:30:07Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, July 3rd in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' July 3rd, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''''440 S 700 E SLC, Suite 102'''''<br />
<br />
'''Presenter: Danny Hawerton - DC801'''<br />
'''Topic: Heartbleed using Metasploit'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176397Salt Lake City2014-06-04T03:07:09Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''''SecurityMetrics Office Building'''''<br />
'''''Basement Meeting Room'''''<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
'''Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176396Salt Lake City2014-06-04T03:01:21Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
'''Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176395Salt Lake City2014-06-04T03:00:29Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
'''Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
'''Summary:''' You simply cannot test security into your web applications; it must be part and parcel to the development effort. Sadly, few teams approach with a complete “security first” perspective. The good news is, it isn’t much more costly to build secure applications as it is to build insecure applications; it just takes tools, skills, and a little process. This presentation examines these tools, skills, and processes necessary for building increasingly secure code – even in Agile environments. <br />
'''Bio: ''' John Overbaugh is managing director of security services at Caliber Security Partners. He has nearly 20 years of experience building robust, secure software – from consumer desktop applications to enterprise web applications and everything in between. He is a CISSP, GWAPT, GSLC and GCIH and has training and expertise in mobile security. John has been leading secure development efforts since 1999, when he led the first application after Windows to undergo the “Secure Windows Initiative” at Microsoft. He is a frequent presenter and a passionate technology geek. <br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
'''Summary:''' Website data can be a valuable asset for a business and data thieves are relentless in their efforts to harvest data for their own personal use or for resale. Many times this is not an issue when the proliferation of the data is in the best interest of the business, but for others it is critical to protect data from being harvested by or sold to competitors. This presentation examines methods, techniques and case studies for protecting website data from automated web scraping attacks. <br />
'''Bio:''' Aaron Willis is a Senior Forensic Analyst at SecurityMetrics. He is also the owner of ScrapeGoat, Inc., a local data analytics and web scraping company. He has over 15 years of experience in web scraping and anti-web scraping methods and technologies. Aaron has also taught Information Security and Forensic classes at Utah Valley University for over 5 years. He graduated from UVU with a bachelor of science in Information Technology and will finish a masters program in Digital Forensics this summer. He has been with SecurityMetrics almost 4 years and has completed over 50 investigations. <br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176394Salt Lake City2014-06-04T02:59:51Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
‘’’Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
'''Summary:''' You simply cannot test security into your web applications; it must be part and parcel to the development effort. Sadly, few teams approach with a complete “security first” perspective. The good news is, it isn’t much more costly to build secure applications as it is to build insecure applications; it just takes tools, skills, and a little process. This presentation examines these tools, skills, and processes necessary for building increasingly secure code – even in Agile environments. <br />
'''Bio: ''' John Overbaugh is managing director of security services at Caliber Security Partners. He has nearly 20 years of experience building robust, secure software – from consumer desktop applications to enterprise web applications and everything in between. He is a CISSP, GWAPT, GSLC and GCIH and has training and expertise in mobile security. John has been leading secure development efforts since 1999, when he led the first application after Windows to undergo the “Secure Windows Initiative” at Microsoft. He is a frequent presenter and a passionate technology geek. <br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
'''Summary:''' Website data can be a valuable asset for a business and data thieves are relentless in their efforts to harvest data for their own personal use or for resale. Many times this is not an issue when the proliferation of the data is in the best interest of the business, but for others it is critical to protect data from being harvested by or sold to competitors. This presentation examines methods, techniques and case studies for protecting website data from automated web scraping attacks. <br />
'''Bio:''' Aaron Willis is a Senior Forensic Analyst at SecurityMetrics. He is also the owner of ScrapeGoat, Inc., a local data analytics and web scraping company. He has over 15 years of experience in web scraping and anti-web scraping methods and technologies. Aaron has also taught Information Security and Forensic classes at Utah Valley University for over 5 years. He graduated from UVU with a bachelor of science in Information Technology and will finish a masters program in Digital Forensics this summer. He has been with SecurityMetrics almost 4 years and has completed over 50 investigations. <br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176393Salt Lake City2014-06-04T02:58:59Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
<br />
'''Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
'''Summary:''' You simply cannot test security into your web applications; it must be part and parcel to the development effort. Sadly, few teams approach with a complete “security first” perspective. The good news is, it isn’t much more costly to build secure applications as it is to build insecure applications; it just takes tools, skills, and a little process. This presentation examines these tools, skills, and processes necessary for building increasingly secure code – even in Agile environments. <br />
'''Bio: ''' John Overbaugh is managing director of security services at Caliber Security Partners. He has nearly 20 years of experience building robust, secure software – from consumer desktop applications to enterprise web applications and everything in between. He is a CISSP, GWAPT, GSLC and GCIH and has training and expertise in mobile security. John has been leading secure development efforts since 1999, when he led the first application after Windows to undergo the “Secure Windows Initiative” at Microsoft. He is a frequent presenter and a passionate technology geek. <br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
'''Summary:''' Website data can be a valuable asset for a business and data thieves are relentless in their efforts to harvest data for their own personal use or for resale. Many times this is not an issue when the proliferation of the data is in the best interest of the business, but for others it is critical to protect data from being harvested by or sold to competitors. This presentation examines methods, techniques and case studies for protecting website data from automated web scraping attacks. <br />
'''Bio:''' Aaron Willis is a Senior Forensic Analyst at SecurityMetrics. He is also the owner of ScrapeGoat, Inc., a local data analytics and web scraping company. He has over 15 years of experience in web scraping and anti-web scraping methods and technologies. Aaron has also taught Information Security and Forensic classes at Utah Valley University for over 5 years. He graduated from UVU with a bachelor of science in Information Technology and will finish a masters program in Digital Forensics this summer. He has been with SecurityMetrics almost 4 years and has completed over 50 investigations. <br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176392Salt Lake City2014-06-04T02:58:08Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
<br />
'''Introductions/Announcements: Dmitry Dessiatnikov'''<br />
<br />
'''Presenter #1: John Overbaugh'''<br />
'''Topic: Achievable Security: Building Security into the Development Lifecycle'''<br />
'''Summary:''' You simply cannot test security into your web applications; it must be part and parcel to the development effort. Sadly, few teams approach with a complete “security first” perspective. The good news is, it isn’t much more costly to build secure applications as it is to build insecure applications; it just takes tools, skills, and a little process. This presentation examines these tools, skills, and processes necessary for building increasingly secure code – even in Agile environments. <br />
'''Bio: ''' John Overbaugh is managing director of security services at Caliber Security Partners. He has nearly 20 years of experience building robust, secure software – from consumer desktop applications to enterprise web applications and everything in between. He is a CISSP, GWAPT, GSLC and GCIH and has training and expertise in mobile security. John has been leading secure development efforts since 1999, when he led the first application after Windows to undergo the “Secure Windows Initiative” at Microsoft. He is a frequent presenter and a passionate technology geek. <br />
<br />
'''Presenter #2: Aaron Willis'''<br />
'''Topic: Unconventional Defense Against WebScraping and Data Theft Attacks'''<br />
'''Summary:''' Website data can be a valuable asset for a business and data thieves are relentless in their efforts to harvest data for their own personal use or for resale. Many times this is not an issue when the proliferation of the data is in the best interest of the business, but for others it is critical to protect data from being harvested by or sold to competitors. This presentation examines methods, techniques and case studies for protecting website data from automated web scraping attacks. <br />
'''Bio:''' Aaron Willis is a Senior Forensic Analyst at SecurityMetrics. He is also the owner of ScrapeGoat, Inc., a local data analytics and web scraping company. He has over 15 years of experience in web scraping and anti-web scraping methods and technologies. Aaron has also taught Information Security and Forensic classes at Utah Valley University for over 5 years. He graduated from UVU with a bachelor of science in Information Technology and will finish a masters program in Digital Forensics this summer. He has been with SecurityMetrics almost 4 years and has completed over 50 investigations. <br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=176391Salt Lake City2014-06-04T02:56:32Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, June 5th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' June 5th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''1275 West, 1600 North, Orem Utah'''<br />
<br />
<br />
Introductions/Announcements: Dmitry Dessiatnikov<br />
<br />
Presenter #1: John Overbaugh<br />
Topic: Achievable Security: Building Security into the Development Lifecycle<br />
Summary: You simply cannot test security into your web applications; it must be part and parcel to the development effort. Sadly, few teams approach with a complete “security first” perspective. The good news is, it isn’t much more costly to build secure applications as it is to build insecure applications; it just takes tools, skills, and a little process. This presentation examines these tools, skills, and processes necessary for building increasingly secure code – even in Agile environments. <br />
Bio: John Overbaugh is managing director of security services at Caliber Security Partners. He has nearly 20 years of experience building robust, secure software – from consumer desktop applications to enterprise web applications and everything in between. He is a CISSP, GWAPT, GSLC and GCIH and has training and expertise in mobile security. John has been leading secure development efforts since 1999, when he led the first application after Windows to undergo the “Secure Windows Initiative” at Microsoft. He is a frequent presenter and a passionate technology geek. <br />
<br />
Presenter #2: Aaron Willis<br />
Topic: Unconventional Defense Against WebScraping and Data Theft Attacks<br />
Summary: Website data can be a valuable asset for a business and data thieves are relentless in their efforts to harvest data for their own personal use or for resale. Many times this is not an issue when the proliferation of the data is in the best interest of the business, but for others it is critical to protect data from being harvested by or sold to competitors. This presentation examines methods, techniques and case studies for protecting website data from automated web scraping attacks. <br />
Bio: Aaron Willis is a Senior Forensic Analyst at SecurityMetrics. He is also the owner of ScrapeGoat, Inc., a local data analytics and web scraping company. He has over 15 years of experience in web scraping and anti-web scraping methods and technologies. Aaron has also taught Information Security and Forensic classes at Utah Valley University for over 5 years. He graduated from UVU with a bachelor of science in Information Technology and will finish a masters program in Digital Forensics this summer. He has been with SecurityMetrics almost 4 years and has completed over 50 investigations. <br />
<br />
'''Food Sponsor: SecurityMetrics'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=171430Salt Lake City2014-04-02T01:11:01Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, April 3rd in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' April 3rd, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
<br />
'''''"Penetration Testing control systems and hardware hacking"'''''<br />
<br />
'''By Justin Searle of Utilisec'''<br />
<br />
'''Food Sponsor: FireEye'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=169519Salt Lake City2014-03-05T20:48:24Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, March 6th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' March 6th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
<br />
'''''"DoS/DDoS Attacks"'''''<br />
<br />
'''By Drew Peck, LDS Church IT'''<br />
<br />
'''Food Sponsor: Solutions II'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=165740Salt Lake City2014-01-13T00:36:48Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, February 6th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' February 6th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
<br />
'''''"Mobile Application and BYOD (Bring Your Own Device) Security"'''''<br />
<br />
'''By Dmitry Dessiatnikov, Security Aim'''<br />
<br />
'''Food Sponsor: TBA'''<br />
<br />
'''Abstract:'''<br />
<br />
''The explosion of the mobile application market coupled with acceptance of "bring your own device" (BYOD) to enterprise environments comes with its unique security risks. While driven by a rise in productivity, convenience and overall user satisfaction BYOD increases the attack surface that most businesses are not prepared for. In this presentation we will cover the reasons for concern along with a demonstration of a remote compromise of an Android phone in a corporate environment. We will also discuss the OWASP top 10 mobile risks and demonstrate some common issues with a vulnerable iOS mobile application. A free tool will be shared with the audience that can assist with assessing their corporate BYOD environments. Finally, we will cover some mitigating controls and what can be done to address raised issues.''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikovhttps://wiki.owasp.org/index.php?title=Salt_Lake_City&diff=165739Salt Lake City2014-01-13T00:34:43Z<p>Dmitry Dessiatnikov: </p>
<hr />
<div>{{Chapter Template|chaptername=Salt_Lake|extra=The chapter leader is [mailto:dmitry.dessiatnikov@gmail.com Dmitry Dessiatnikov]<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Salt_Lake|emailarchives=http://lists.owasp.org/pipermail/owasp-Salt_Lake}}<br />
<br />
== Local News ==<br />
<br />
<br />
== ''The next meeting is scheduled for Thursday, February 6th in conjunction with [http://www.utahsec.org UtahSec]'' ==<br />
<br />
<br />
'''''Date:'''''<br />
<br />
''' February 6th, 2014'''<br />
<br />
<br />
'''''Time:'''''<br />
<br />
'''6 - 8 pm'''<br />
<br />
<br />
'''''Meeting location:'''''<br />
<br />
'''LDS Riverton Office Building'''<br />
<br />
'''3740 W 13400 S'''<br />
<br />
'''Riverton, UT 84065'''<br />
<br />
<br />
'''''"Mobile Application and BYOD (Bring Your Own Device) Security"'''''<br />
<br />
'''By Dmitry Dessiatnikov, Security Aim'''<br />
<br />
'''Food Sponsor: TBA'''<br />
<br />
'''Abstract:'''<br />
<br />
''The explosion of the mobile application market coupled with acceptance of "bring your own device" (BYOD) to enterprise environments comes with its unique security risks. While driven by a rise in productivity, convenience and overall user satisfaction BYOD increases the attack surface that most businesses are not prepared for. In this presentation we will cover the reasons for concern along with a demonstration of a remote compromise of an Android phone in a corporate environment. We will also discuss the OWASP top 10 mobile risks and demonstrate some common issues with a vulnerable iOS mobile application. A free tool will be shared with the audience that can be used to assess their corporate BYOD environments. Finally, we will cover some mitigating controls and what can be done to address raised issues.''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings'''<br />
<br />
== Past Meetings ==<br />
=== OpenSAMM Project - Alan Jex - 3 Jan 2013 ===<br />
<br />
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!).<br />
Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]<br />
<br />
<!-- maybe need this link https://www.owasp.org/index.php/File:UtahSec-Software_Assurance_Maturity_Model.pptx <br />
!--><br />
<br />
[[Category:Utah]]</div>Dmitry Dessiatnikov