OWASP - User contributions [en]

Columbus

2009-09-01T10:48:41Z

Echo5haiz: /* 2009 Q3 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , [mailto:greg.s.green@gmail.com Greg Green], and [mailto:owasp(at)cgsvo.org Chris Green]. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - September 29th, 2009, 6:00 PM - 8:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q3 Meeting ==

'''When:''' September 29th, 2009, 6:00 PM - 8:00 PM, Doors open at 5:30 PM; ** Refreshments Provided **

'''Where:''' [http://www.innova-partners.com/ Innova Partners] 130 E. Chestnut St., Suite 100, Columbus, OH 43215
http://maps.google.com/maps?f=q&hl=en&geocode=&q=130+E+Chestnut+St,+Columbus,+OH+43215&sll=37.0625,-95.677068&sspn=50.244827,71.542969&ie=UTF8&s=AARTsJqTB5jVDz_BQJCw5RLKBjuh1iBO-g&view=map

'''Parking:''' On Chestnut street; in front of and behind building.

'''General Session Topic:''' PHP Security

'''Speakers:''' Jon Canady, Web Application Developer, [http://www.innova-partners.com/ Innova Partners]

'''Topic Summary:''' PHP is a widely used, general-purpose scripting language, originally designed to produce dynamic web pages. In 2007, The PHP Group reported it was utilized on over 20 million websites and 1 million web servers. In 2008, the National Vulnerability Database claimed PHP accounted for 35% of software vulnerabilities, with nearly all caused by poor programming practices. Every PHP developer, hoster, and security professional should understand the primary attack vectors being used by attackers against PHP applications. During this OWASP meeting we will be deep-diving into PHP security. Specifically, Mr. Canady will be covering the OWASP Top 10 in the context of PHP.

The Columbus OWASP Chapter leadership would like to thank [http://www.innova-partners.com/ Innova Partners] for both sponsoring and hosting this event.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible.

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-09-01T10:42:19Z

Echo5haiz: /* 2009 Q3 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , [mailto:greg.s.green@gmail.com Greg Green], and [mailto:owasp(at)cgsvo.org Chris Green]. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - September 29th, 2009, 6:00 PM - 8:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q3 Meeting ==

'''When:''' September 29th, 2009, 6:00 PM - 8:00 PM, Doors open at 5:30 PM; ** Refreshments Provided **

'''Where:''' 130 E. Chestnut St., Suite 100, Columbus, OH 43215
http://maps.google.com/maps?f=q&hl=en&geocode=&q=130+E+Chestnut+St,+Columbus,+OH+43215&sll=37.0625,-95.677068&sspn=50.244827,71.542969&ie=UTF8&s=AARTsJqTB5jVDz_BQJCw5RLKBjuh1iBO-g&view=map

'''Parking:''' On Chestnut street; in front of and behind building.

'''General Session Topic:''' PHP Security

'''Speakers:''' Jon Canady, Web Application Developer, Innova Partners

'''Topic Summary:''' PHP is a widely used, general-purpose scripting language, originally designed to produce dynamic web pages. In 2007, The PHP Group reported it was utilized on over 20 million websites and 1 million web servers. In 2008, the National Vulnerability Database claimed PHP accounted for 35% of software vulnerabilities, with nearly all caused by poor programming practices. Every PHP developer, hoster, and security professional should understand the primary attack vectors being used by attackers against PHP applications. During this OWASP meeting we will be deep-diving into PHP security. Specifically, Mr. Canady will be covering the OWASP Top 10 in the context of PHP.

The Columbus OWASP Chapter leadership would like to thank Innova Partners for both sponsoring and hosting this event.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible.

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-08-30T21:05:04Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , [mailto:greg.s.green@gmail.com Greg Green], and [mailto:owasp(at)cgsvo.org Chris Green]. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - September 29th, 2009, 6:00 PM - 8:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q3 Meeting ==

'''When:''' September 29th, 2009, 6:00 PM - 8:00 PM, Doors open at 5:30 PM; ** Refreshments Provided **

'''Where:''' 130 E. Chestnut St., Suite 100, Columbus, OH 43215
http://maps.google.com/maps?f=q&hl=en&geocode=&q=130+E+Chestnut+St,+Columbus,+OH+43215&sll=37.0625,-95.677068&sspn=50.244827,71.542969&ie=UTF8&s=AARTsJqTB5jVDz_BQJCw5RLKBjuh1iBO-g&view=map

'''Parking:''' http://www.innova-partners.com/files/directions_innova.pdf

'''General Session Topic:''' PHP Security

'''Speakers:''' Jon Canady, Web Application Developer, Innova Partners

'''Topic Summary:''' PHP is a very popular language. It is not easy to produce a PHP application without security vulnerabilities. Most application security vulnerabilities apply to PHP applications just like other environments. Every PHP developer, hoster, and security professional should understand the primary attack vectors being used by attackers against PHP applications. During this OWASP meeting we will be deep-diving into PHP security. Specifically, Mr. Canady will be covering the OWASP Top 10 in the context of PHP.

The Columbus OWASP Chapter leadership would like to thank Innova Partners for both sponsoring and hosting this event.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible.

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-05-26T20:05:32Z

Echo5haiz: /* 2009 Q2 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green]. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - May 27th, 2009, 11:00 AM - 1:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q2 Meeting ==

'''When:''' May 27th, 2009, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' 5455 Rings Rd, Dublin, OH 43017. Duke Conference Room
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=5455+Rings+Rd.,+dublin,+oh&sll=37.0625,-95.677068&sspn=29.772081,56.601563&ie=UTF8&ll=40.08326,-83.134489&spn=0.003505,0.006909&t=h&z=17&iwloc=A

'''Parking:''' In front of and behind building.

'''General Session Topic:''' Service-Oriented Architecture

'''Speakers:''' Greg Green, CISSP, Enterprise Security Architecture, Nationwide Insurance

'''Topic Summary:''' In the last Columbus OWASP meeting, we demonstrated how to secure the code inside a web service. In our May 2009 meeting, we will discuss a governance process for determining appropriate controls for securing a web service deployment. While technical, this meeting is a "process chat" that does not directly involve application code. Instead, we will look at a risk "heat map" for service-oriented architecture and a "decision matrix" for determining which logical controls are required for an SOA deployment. The decision matrix considers various information security attributes from the risk heat map, for a particular SOA interaction.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible. We will provide additional meeting information in the coming weeks!

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-04-28T19:19:26Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green]. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - May 27th, 2009, 11:00 AM - 1:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q2 Meeting ==

'''When:''' May 27th, 2009, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' 5525 Parkcenter Circle, Dublin, OH 43017. Duke Conference Room
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=5525+Parkcenter+Circle+Dublin,+OH+43017&sll=40.082956,-83.133427&sspn=0.003292,0.006909&ie=UTF8&ll=40.081027,-83.132762&spn=0.003292,0.006909&t=h&z=17&iwloc=A

'''Parking:''' In front of and behind building.

'''General Session Topic:''' Service-Oriented Architecture

'''Speakers:''' Greg Green, CISSP, Enterprise Security Architecture, Nationwide Insurance

'''Topic Summary:''' In the last Columbus OWASP meeting, we demonstrated how to secure the code inside a web service. In our May 2009 meeting, we will discuss a governance process for determining appropriate controls for securing a web service deployment. While technical, this meeting is a "process chat" that does not directly involve application code. Instead, we will look at a risk "heat map" for service-oriented architecture and a "decision matrix" for determining which logical controls are required for an SOA deployment. The decision matrix considers various information security attributes from the risk heat map, for a particular SOA interaction.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible. We will provide additional meeting information in the coming weeks!

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-04-28T19:17:52Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and Chris Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - May 27th, 2009, 11:00 AM - 1:00 PM'''
'''** Click "Chapter Meetings" tab for details. **'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q2 Meeting ==

'''When:''' May 27th, 2009, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' 5525 Parkcenter Circle, Dublin, OH 43017. Duke Conference Room
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=5525+Parkcenter+Circle+Dublin,+OH+43017&sll=40.082956,-83.133427&sspn=0.003292,0.006909&ie=UTF8&ll=40.081027,-83.132762&spn=0.003292,0.006909&t=h&z=17&iwloc=A

'''Parking:''' In front of and behind building.

'''General Session Topic:''' Service-Oriented Architecture

'''Speakers:''' Greg Green, CISSP, Enterprise Security Architecture, Nationwide Insurance

'''Topic Summary:''' In the last Columbus OWASP meeting, we demonstrated how to secure the code inside a web service. In our May 2009 meeting, we will discuss a governance process for determining appropriate controls for securing a web service deployment. While technical, this meeting is a "process chat" that does not directly involve application code. Instead, we will look at a risk "heat map" for service-oriented architecture and a "decision matrix" for determining which logical controls are required for an SOA deployment. The decision matrix considers various information security attributes from the risk heat map, for a particular SOA interaction.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible. We will provide additional meeting information in the coming weeks!

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-04-28T19:16:10Z

Echo5haiz: /* 2009 Q2 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and Chris Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}
==== Local News ====
<paypal>Columbus</paypal>

'''– REMINDER – Next chapter meeting - May 27th, 2009, 11:00 AM - 1:00 PM'''
'''** Details Forthcoming **'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

==== Chapter Meetings ====
== 2009 Q2 Meeting ==

'''When:''' May 27th, 2009, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' 5525 Parkcenter Circle, Dublin, OH 43017. Duke Conference Room
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=5525+Parkcenter+Circle+Dublin,+OH+43017&sll=40.082956,-83.133427&sspn=0.003292,0.006909&ie=UTF8&ll=40.081027,-83.132762&spn=0.003292,0.006909&t=h&z=17&iwloc=A

'''Parking:''' In front of and behind building.

'''General Session Topic:''' Service-Oriented Architecture

'''Speakers:''' Greg Green, CISSP, Enterprise Security Architecture, Nationwide Insurance

'''Topic Summary:''' In the last Columbus OWASP meeting, we demonstrated how to secure the code inside a web service. In our May 2009 meeting, we will discuss a governance process for determining appropriate controls for securing a web service deployment. While technical, this meeting is a "process chat" that does not directly involve application code. Instead, we will look at a risk "heat map" for service-oriented architecture and a "decision matrix" for determining which logical controls are required for an SOA deployment. The decision matrix considers various information security attributes from the risk heat map, for a particular SOA interaction.

'''RSVP:''' Please RSVP to owasp@hayesdf.com as soon as possible. We will provide additional meeting information in the coming weeks!

==== Columbus OWASP Chapter Leaders ====
The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] , Greg Green, and [mailto:owasp(at)cgsvo.org Chris Green].
__NOTOC__
<headertabs/>
[[Category:Ohio]]

Columbus

2009-04-28T19:06:40Z

Echo5haiz: /* 2009 Q1 Meeting */

Columbus

2009-04-07T11:00:51Z

Echo5haiz:

Columbus

2009-04-07T10:59:09Z

Echo5haiz:

Columbus

2009-03-09T12:28:31Z

Echo5haiz: /* 2009 Q1 Meeting */

Columbus

2009-01-24T19:34:02Z

Echo5haiz: /* 2009 Q1 Meeting */

Columbus

2009-01-24T19:03:25Z

Echo5haiz: /* 2009 Q1 Meeting */

Columbus

2009-01-24T18:56:01Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - Wednesday 3/18/2009; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== November (Q4) 2008 Meeting ==

'''When:''' November 13th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

''' *** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! *** '''

'''Where:''' Security Desk, One Nationwide Plaza, Columbus, OH 43215.

'''Parking:''' We recommend parking at the Front St. Garage; From the garage use the walkway (over Front St. and proceed to the Plaza One main entrance (signs posted). Sign in at the security desk and you will be escorted to the meeting room.

'''General Session Topic:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation; Topic Details Forthcoming

'''Who:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation

This chapter meeting is a joint effort between the "Nationwide Security Community of Practice" (NASCoP) and the Columbus, OH OWASP Chapter. We are excited to have Mr. Jeff Williams present in person to both of these communities.

Jeff Williams is the CEO and a cofounder of Aspect, where he is responsible for strategic direction for the company and research and development efforts. Prior to founding Aspect, Jeff had a leadership role in the worldwide security consulting practice at Exodus Communications. Jeff also serves as the chair of the non-profit OWASP Foundation.

Jeff has specialized in information security since 1989 and has published numerous papers focused on practical risk and assurance techniques. Jeff has been writing code for 25 years in many different environments but has focused primarily on Java and J2EE security for the past 10 years.

Jeff is a primary author of the OWASP Top 10 Web Application Security Vulnerabilities and the OWASP Secure Software Development Contract Annex, and he leads several OWASP projects. He also chaired the group responsible for creating ISO 21827, the Systems Security Engineering Capability Maturity Model (SSE-CMM).

Jeff has undergraduate degrees in Psychology and Computer Science from the University of Virginia, an MA in Human Factors Engineering from George Mason University, and a JD cum laude from the Georgetown University Law Center, where he specialized in intellectual property and cyberlaw.

''' ** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! ** '''

[[Category:Ohio]]

Columbus

2008-11-09T19:00:28Z

Echo5haiz: /* November (Q4) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - 11/13/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== November (Q4) 2008 Meeting ==

'''When:''' November 13th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

''' *** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! *** '''

'''Where:''' Security Desk, One Nationwide Plaza, Columbus, OH 43215.

'''Parking:''' We recommend parking at the Front St. Garage; From the garage use the walkway (over Front St. and proceed to the Plaza One main entrance (signs posted). Sign in at the security desk and you will be escorted to the meeting room.

'''General Session Topic:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation; Topic Details Forthcoming

'''Who:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation

This chapter meeting is a joint effort between the "Nationwide Security Community of Practice" (NASCoP) and the Columbus, OH OWASP Chapter. We are excited to have Mr. Jeff Williams present in person to both of these communities.

Jeff Williams is the CEO and a cofounder of Aspect, where he is responsible for strategic direction for the company and research and development efforts. Prior to founding Aspect, Jeff had a leadership role in the worldwide security consulting practice at Exodus Communications. Jeff also serves as the chair of the non-profit OWASP Foundation.

Jeff has specialized in information security since 1989 and has published numerous papers focused on practical risk and assurance techniques. Jeff has been writing code for 25 years in many different environments but has focused primarily on Java and J2EE security for the past 10 years.

Jeff is a primary author of the OWASP Top 10 Web Application Security Vulnerabilities and the OWASP Secure Software Development Contract Annex, and he leads several OWASP projects. He also chaired the group responsible for creating ISO 21827, the Systems Security Engineering Capability Maturity Model (SSE-CMM).

Jeff has undergraduate degrees in Psychology and Computer Science from the University of Virginia, an MA in Human Factors Engineering from George Mason University, and a JD cum laude from the Georgetown University Law Center, where he specialized in intellectual property and cyberlaw.

''' ** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! ** '''

[[Category:Ohio]]

Columbus

2008-11-09T18:59:17Z

Echo5haiz: /* November (Q4) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - 11/13/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== November (Q4) 2008 Meeting ==

'''When:''' November 13th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

''' *** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! *** '''

'''Where:''' Security Desk, One Nationwide Plaza, Columbus, OH 43215.

'''Parking:''' Recommend parking at the Front St. Garage; From the garage use the walkway (over Front St. and proceed to the Plaza One main entrance (signs posted. Sign in at the security desk and you will be escorted to the meeting room.

'''General Session Topic:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation; Topic Details Forthcoming

'''Who:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation

This chapter meeting is a joint effort between the "Nationwide Security Community of Practice" (NASCoP) and the Columbus, OH OWASP Chapter. We are excited to have Mr. Jeff Williams present in person to both of these communities.

Jeff Williams is the CEO and a cofounder of Aspect, where he is responsible for strategic direction for the company and research and development efforts. Prior to founding Aspect, Jeff had a leadership role in the worldwide security consulting practice at Exodus Communications. Jeff also serves as the chair of the non-profit OWASP Foundation.

Jeff has specialized in information security since 1989 and has published numerous papers focused on practical risk and assurance techniques. Jeff has been writing code for 25 years in many different environments but has focused primarily on Java and J2EE security for the past 10 years.

Jeff is a primary author of the OWASP Top 10 Web Application Security Vulnerabilities and the OWASP Secure Software Development Contract Annex, and he leads several OWASP projects. He also chaired the group responsible for creating ISO 21827, the Systems Security Engineering Capability Maturity Model (SSE-CMM).

Jeff has undergraduate degrees in Psychology and Computer Science from the University of Virginia, an MA in Human Factors Engineering from George Mason University, and a JD cum laude from the Georgetown University Law Center, where he specialized in intellectual property and cyberlaw.

''' ** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! ** '''

[[Category:Ohio]]

Columbus

2008-11-02T21:23:58Z

Echo5haiz: /* November (Q4) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - 11/13/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== November (Q4) 2008 Meeting ==

'''When:''' November 13th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

''' *** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! *** '''

'''Where:''' Nationwide Insurance, Columbus, OH; Details Forthcoming

'''Parking:''' Details Forthcoming

'''General Session Topic:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation; Topic Details Forthcoming

'''Who:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation

This chapter meeting is a joint effort between the "Nationwide Security Community of Practice" (NASCoP) and the Columbus, OH OWASP Chapter. We are excited to have Mr. Jeff Williams present in person to both of these communities.

Jeff Williams is the CEO and a cofounder of Aspect, where he is responsible for strategic direction for the company and research and development efforts. Prior to founding Aspect, Jeff had a leadership role in the worldwide security consulting practice at Exodus Communications. Jeff also serves as the chair of the non-profit OWASP Foundation.

Jeff has specialized in information security since 1989 and has published numerous papers focused on practical risk and assurance techniques. Jeff has been writing code for 25 years in many different environments but has focused primarily on Java and J2EE security for the past 10 years.

Jeff is a primary author of the OWASP Top 10 Web Application Security Vulnerabilities and the OWASP Secure Software Development Contract Annex, and he leads several OWASP projects. He also chaired the group responsible for creating ISO 21827, the Systems Security Engineering Capability Maturity Model (SSE-CMM).

Jeff has undergraduate degrees in Psychology and Computer Science from the University of Virginia, an MA in Human Factors Engineering from George Mason University, and a JD cum laude from the Georgetown University Law Center, where he specialized in intellectual property and cyberlaw.

''' ** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! ** '''

[[Category:Ohio]]

Columbus

2008-11-02T20:49:25Z

Echo5haiz: /* November (Q4) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - 11/13/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== November (Q4) 2008 Meeting ==

'''When:''' November 13th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

''' *** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! *** '''

'''Where:''' Nationwide Insurance, Columbus, OH; Details Forthcoming

'''Parking:''' Details Forthcoming

'''General Session Topic:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation; Topic Details Forthcoming

'''Who:''' Special Guest Speaker - Jeff Williams, Chair of the OWASP Foundation

This chapter meeting will a joint effort between the "Nationwide Security Community of Practice" (NASCoP) and the Columbus, OH OWASP Chapter. We are excited to have Mr. Jeff Williams present in person to both of these communities.

Jeff Williams is the CEO and a cofounder of Aspect, where he is responsible for strategic direction for the company and research and development efforts. Prior to founding Aspect, Jeff had a leadership role in the worldwide security consulting practice at Exodus Communications. Jeff also serves as the chair of the non-profit OWASP Foundation.

Jeff has specialized in information security since 1989 and has published numerous papers focused on practical risk and assurance techniques. Jeff has been writing code for 25 years in many different environments but has focused primarily on Java and J2EE security for the past 10 years.

Jeff is a primary author of the OWASP Top 10 Web Application Security Vulnerabilities and the OWASP Secure Software Development Contract Annex, and he leads several OWASP projects. He also chaired the group responsible for creating ISO 21827, the Systems Security Engineering Capability Maturity Model (SSE-CMM).

Jeff has undergraduate degrees in Psychology and Computer Science from the University of Virginia, an MA in Human Factors Engineering from George Mason University, and a JD cum laude from the Georgetown University Law Center, where he specialized in intellectual property and cyberlaw.

''' ** Please RSVP to owasp@hayesdf.com as soon as possible. We will provide detailed meeting logistics in the coming days! ** '''

[[Category:Ohio]]

Columbus

2008-11-02T20:40:04Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

<paypal>Columbus</paypal>

== Local News ==
'''– REMINDER – Next chapter meeting - 11/13/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for early 2009; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== September (Q3) 2008 Meeting ==

'''When:''' September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

'''RSVP:''' Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com. Virtual meeting details will be provided to those who RSVP and declare they will not be able to attend in person.

'''Parking:''' Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

'''General Session Topic:''' Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

'''Who:''' Alex Smolen, Consultant, Foundstone Professional Services ([[Image:Owaspcmh_080916meeting_speakerbio_Alex_Smolen_v8.2.0.pdf|Smolen Bio]])

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad security experience with multinational corporations, the public sector, and the US military.

[[Category:Ohio]]

Columbus

2008-08-06T16:51:31Z

Echo5haiz: /* September (Q3) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– REMINDER – Next chapter meeting - 9/16/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== September (Q3) 2008 Meeting ==

'''When:''' September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

'''RSVP:''' Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com. Virtual meeting details will be provided to those who RSVP and declare they will not be able to attend in person.

'''Parking:''' Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

'''General Session Topic:''' Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

'''Who:''' Alex Smolen, Consultant, Foundstone Professional Services ([[Image:Owaspcmh_080916meeting_speakerbio_Alex_Smolen_v8.2.0.pdf|Smolen Bio]])

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad security experience with multinational corporations, the public sector, and the US military.

[[Category:Ohio]]

Columbus

2008-08-06T16:49:20Z

Echo5haiz: /* September (Q3) 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– REMINDER – Next chapter meeting - 9/16/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== September (Q3) 2008 Meeting ==

'''When:''' September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

'''RSVP:''' Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com.

'''Parking:''' Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

'''General Session Topic:''' Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

'''Who:''' Alex Smolen, Consultant, Foundstone Professional Services ([[Image:Owaspcmh_080916meeting_speakerbio_Alex_Smolen_v8.2.0.pdf|Smolen Bio]])

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad security experience with multinational corporations, the public sector, and the US military.

[[Category:Ohio]]

File:Owaspcmh 080916meeting speakerbio Alex Smolen v8.2.0.pdf

2008-08-06T16:42:21Z

Echo5haiz: Speaker bio for Alex Smolen. Alex will be speaking at the 9/16/2008 Columbus, OH Chapter OWASP Meeting.

Speaker bio for Alex Smolen. Alex will be speaking at the 9/16/2008 Columbus, OH Chapter OWASP Meeting.

Columbus

2008-08-06T16:34:44Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– REMINDER – Next chapter meeting - 9/16/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== September (Q3) 2008 Meeting ==

'''When:''' September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

'''RSVP:''' Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com.

'''Parking:''' Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

'''General Session Topic:''' Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

'''Who:''' Alex Smolen, Consultant, Foundstone Professional Services

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad security experience with multinational corporations, the public sector, and the US military.

[[Category:Ohio]]

Columbus

2008-08-06T16:34:14Z

Echo5haiz: /* September 2008 Meeting */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leaders are [mailto:owasp(at)hayesdf.com Chris Hayes] and Greg Green. |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– REMINDER – Next chapter meeting - 9/16/2008; details to follow'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== September (Q3) 2008 Meeting ==

'''When:''' September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

'''Where:''' Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

'''RSVP:''' Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com.

'''Parking:''' Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

'''General Session Topic:''' Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

'''Who:''' Alex Smolen, Consultant, Foundstone Professional Services

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad security experience with multinational corporations, the public sector, and the US military.

[[Category:Ohio]]

Columbus

2008-08-06T16:03:40Z

Echo5haiz: /* Local News */

OWASP Education Presentation

2008-07-08T20:41:30Z

Echo5haiz: /* Chapter Presentations */

This page provide a commented overview of the OWASP presentations available. 
Please use the last line of the tables as template. 
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| This module explains || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || yyyy-mm-dd
|}

 

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || yyyy-mm-dd
|}

 

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || yyyy-mm-dd
|}

 

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || yyyy-mm-dd
|}

 

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Mettulla)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"
|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || Mon Year || Chapter
|}

[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

File:OWASP CMH SQLInjection 20080707.zip

2008-07-08T20:27:20Z

Echo5haiz: Columbus, OH Chapter Meeting. SQL Injection. Zip file contains PPT as well as a derby database, a few.java files and the SQL injection strings. This is somewhat basic. Demo was performed in Rationale and emphasis was placed on watching the transaction. Th

Columbus, OH Chapter Meeting. SQL Injection. Zip file contains PPT as well as a derby database, a few.java files and the SQL injection strings. This is somewhat basic. Demo was performed in Rationale and emphasis was placed on watching the transaction. This was more about prevention then types of SQL injection.

Columbus

2008-07-01T17:56:12Z

Echo5haiz: /* Local News */

Columbus

2008-07-01T17:55:32Z

Echo5haiz:

Columbus

2008-05-20T02:01:34Z

Echo5haiz: /* July 2008 Meeting */

Columbus

2008-05-20T01:57:35Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – Next chapter meeting - 7/7/2008; details below'''
We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking in the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''*** General Session Topic: Introduction to OWASP ***'''

'''Who:''' Chris Hayes (Nationwide Insurance, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''*** Specific Session Topic: Web Session Token Security (OWASP Top 10 - Broken Authentication and Session Management) ***'''

'''Who:''' Greg Green (CISSP, Senior Security Consultant, Nationwide Insurance)

During this presentation we will briefly cover web application sessions. Attendees will be introduced to the OWASP WebGoat application and the session management flaw exercise labeled “Spoof an Authentication Cookie”. Besides WebGoat, attendees will also be exposed to the OWASP tool WebScarab (intercepting proxy), and some simple JAVA code.

[[Category:OWASP Chapter]]

OWASP on the Move

2008-04-27T21:09:51Z

Echo5haiz:

This new program allows local chapter or application security conferences to have OWASP presenters on site.

This page will allow 3 parties to find each other:

* OWASP speakers to entertain OWASP presentations and that want to see the world
* Local chapters or application security events that want to attract an OWASP speaker
* OWASP sponsors that want to support spreading the OWASP message

Owasp on the Move (OotM) is now also a project. Visit the project [[:Category:OWASP_on_the_Move_Project|page]] to see what the future holds for OotM.

==OWASP On the Move Rules:==

The following rules apply for the OotM project:

*The normal maximum amount per speaker is 500 USD
*Only in special circumstances the maximum amount per speaker can be raised to a maximum of $1000 USD
*There is a proposed limit of 2,000 USD on the amount of $ provided to any individual per year (*see 'further funding' below)
*There is a proposed limit of 1,000 USD on the amount of $ provided to any event per year(*see 'further funding' below)
*There is a proposed limit of 2,000 USD on the amount of $ provided to any chapter per year(*see 'further funding' below)
*The program will run for 1 year or 30,000 USD (whichever comes first) and then will be reviewed for the value and ROI for OWASP and its community;

So, a chapter can use the sponsorship 4 times a year, with the max of 2 speakers sponsored by OotM for one single event.

*Further funding: for active chapters or speakers who have reach the proposed financial limits, further funding is possible but will depend on available budget, since priority would be given to chapters below these thresholds

== Current demand ==
Add your demand here:

* [[Helsinki]] is looking for OWASP speakers on the SDLC topic for a mini-conference. Expected timing is sometime in May . Sponsors and potential speakers are requested to contact Antti.

* [[Edmonton]] is looking for an OWASP speaker on any topic to coincide with the CIPS Edmonton ICE Conference[http://www.iceconference.com/iceSpeakers.aspx]. The talk would be during November 5 - 7, 2007. Looking for a quick reply if possible as we are trying to finalize the conference program very shortly. Keynotes at the conference include Bruce Schneier and Jim Christy, so this could be a great opportunity to showcase OWASP to an interested audience.

== Current offerings ==
If you want to (re)do an OWASP related presentation, propose them here with your availability boundaries (timing/geographical)
* Marc Curphey will happily speak about the WebAppSec industry, SDLC etc. around Europe. You can see him in action at [http://video.hitb.org/2006.html HITB with John Viega] (big download)
* [mailto:thesp0nge@owasp.org Paolo Perego] is available to talk about [http://www.owasp.org/index.php/Category:OWASP_Orizon_Project Orizon project], safe coding and code review issues around Europe in the near October-December.
* [mailto:marc.m.morana@gmail.org Marco Morana] is available to talk about [http://iac.dtic.mil/iatac/download/security.pdf Software Security Frameworks]and Secure Code Reviews [https://www.cmpevents.com/CSI33/a.asp?option=G&V=3&id=443342 see 07 CSI conference as reference] in USA around November-December and in Europe around January-February.
* [mailto:sebastien.gioria@owasp.fr Sébastien Gioria] is available to talk about WebAppSec, educational purpose on AppSec in French or at least in english around France/Europe/Canada from middle of March 08. You can find some Talk on the [http://www.owasp.fr Owasp France Chapter]
* you?

== Upcoming OWASP on the Move Events ==

== Past OWASP on the Move Events ==

* 8th Sep 2007: [[Belgium]] Mark Curphey, pdp (Architect), Simon Roses Femerling and David Kierznowski presented as part of the OWASP Day worldwide conference.
* 14th July 2007: [[Turkey]] Dinis joined the first Turkey Mini-Conference
* 22nd June 2007: [[Belgium]] Ivan Ristic and Dinis Cruz came to the chapter meeting (sponsored by F5 Networks locally).

== Sponsors ==
Currently the OotM is sponsored by banners on the OWASP home page.

We are looking for sponsors that specifically want to sponsor the OotM project.

Past local sponsors were:
* F5 Networks in [[Belgium]]

Columbus

2008-03-05T01:15:21Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – First local chapter meeting - 3/24/2008; details below'''
The chapter has just started! We are currently seeking board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking in the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''*** General Session Topic: Introduction to OWASP ***'''

'''Who:''' Chris Hayes (Nationwide Insurance, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''*** Specific Session Topic: Web Session Token Security (OWASP Top 10 - Broken Authentication and Session Management) ***'''

'''Who:''' Greg Green (CISSP, Senior Security Consultant, Nationwide Insurance)

During this presentation we will briefly cover web application sessions. Attendees will be introduced to the OWASP WebGoat application and the session management flaw exercise labeled “Spoof an Authentication Cookie”. Besides WebGoat, attendees will also be exposed to the OWASP tool WebScarab (intercepting proxy), and some simple JAVA code.

[[Category:OWASP Chapter]]

Columbus

2008-03-04T14:27:12Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – First local chapter meeting - 3/24/2008; details below'''
The chapter has just started! We are currently seeking board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chpater meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking in the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''*** General Session Topic: Introduction to OWASP ***'''

'''Who:''' Chris Hayes (Nationwide Insurance, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''*** Specific Session Topic: Web Session Token Security (OWASP Top 10 - Broken Authentication and Session Management) ***'''

'''Who:''' Greg Green (CISSP, Senior Security Consultant, Nationwide Insurance)

During this presentation we will briefly cover web application sessions. Attendees will be introduced to the OWASP WebGoat application and the session management flaw exercise labeled “Spoof an Authentication Cookie”. Besides WebGoat, attendees will also be exposed to the OWASP tool WebScarab (intercepting proxy), and some simple JAVA code.

[[Category:OWASP Chapter]]

OWASP on the Move

2008-03-03T01:28:07Z

Echo5haiz: /* Current demand */

This new program allows local chapter or application security conferences to have OWASP presenters on site.

This page will allow 3 parties to find each other:

* OWASP speakers to entertain OWASP presentations and that want to see the world
* Local chapters or application security events that want to attract an OWASP speaker
* OWASP sponsors that want to support spreading the OWASP message

Owasp on the Move (OotM) is now also a project. Visit the project [[:Category:OWASP_on_the_Move_Project|page]] to see what the future holds for OotM.

== Current demand ==
Add your demand here:

* [[Columbus]] , OH is looking for an OWASP speaker on any topic to coincide with our first chapter meeting on March 24th, 2008. Any inquiries regarding speakers or chapter / meeting sponsors can contact [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

* [[Helsinki]] is looking for OWASP speakers on the SDLC topic for a mini-conference. Expected timing is sometime in May . Sponsors and potential speakers are requested to contact Antti.

* [[Edmonton]] is looking for an OWASP speaker on any topic to coincide with the CIPS Edmonton ICE Conference[http://www.iceconference.com/iceSpeakers.aspx]. The talk would be during November 5 - 7, 2007. Looking for a quick reply if possible as we are trying to finalize the conference program very shortly. Keynotes at the conference include Bruce Schneier and Jim Christy, so this could be a great opportunity to showcase OWASP to an interested audience.

== Current offerings ==
If you want to (re)do an OWASP related presentation, propose them here with your availability boundaries (timing/geographical)
* Marc Curphey will happily speak about the WebAppSec industry, SDLC etc. around Europe. You can see him in action at [http://video.hitb.org/2006.html HITB with John Viega] (big download)
* [mailto:thesp0nge@owasp.org Paolo Perego] is available to talk about [http://www.owasp.org/index.php/Category:OWASP_Orizon_Project Orizon project], safe coding and code review issues around Europe in the near October-December.
* [mailto:marc.m.morana@gmail.org Marco Morana] is available to talk about [http://iac.dtic.mil/iatac/download/security.pdf Software Security Frameworks]and Secure Code Reviews [https://www.cmpevents.com/CSI33/a.asp?option=G&V=3&id=443342 see 07 CSI conference as reference] in USA around November-December and in Europe around January-February.
* [mailto:sebastien.gioria@owasp.fr Sébastien Gioria] is available to talk about WebAppSec, educational purpose on AppSec in French or at least in english around France/Europe/Canada from middle of March 08. You can find some Talk on the [http://www.owasp.fr Owasp France Chapter]
* you?

== Upcoming OWASP on the Move Events ==

== Past OWASP on the Move Events ==

* 8th Sep 2007: [[Belgium]] Mark Curphey, pdp (Architect), Simon Roses Femerling and David Kierznowski presented as part of the OWASP Day worldwide conference.
* 14th July 2007: [[Turkey]] Dinis joined the first Turkey Mini-Conference
* 22nd June 2007: [[Belgium]] Ivan Ristic and Dinis Cruz came to the chapter meeting (sponsored by F5 Networks locally).

== Sponsors ==
Currently the OotM is sponsored by banners on the OWASP home page.

We are looking for sponsors that specifically want to sponsor the OotM project.

Past local sponsors were:
* F5 Networks in [[Belgium]]

Columbus

2008-03-03T01:23:47Z

Echo5haiz: /* Local News */

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – First local chapter meeting - 3/24/2008; details below'''
The chapter has just started! We are currently seeking board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chpater meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking in the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''General Session Topic: Introduction to OWASP'''

'''Who:''' Chris Hayes (Nationwide, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''Specific Session Topic: Details Forthcoming'''

[[Category:OWASP Chapter]]

Columbus

2008-03-03T01:18:44Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – First local chapter meeting - 3/24/2008; details below'''
The chapter has just started! We are currently seeking board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chpater meeting per quarter - more if interest warrants.

To submit educational topic upcoming meetings please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking in the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''General Session Topic: Introduction to OWASP'''

'''Who:''' Chris Hayes (Nationwide, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''Specific Session Topic: Details Forthcoming'''

[[Category:OWASP Chapter]]

Columbus

2008-02-16T13:54:56Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:owasp(at)hayesdf.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''– NOTICE – First local chapter meeting - 3/24/2008; details below'''
The chapter has just started! We are currently seeking board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chpater meeting per quarter - more if interest warrants.

To submit educational topic upcoming meetings please submit your powerpoint using the
[http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

== March 2008 Meeting ==

'''When:''' March 24th, 2008, 6:00 PM - 7:30 PM, Doors open at 5:30 PM

'''Where:''' Heritage Room, One Nationwide Plaza, Columbus, OH 43215

'''Parking:''' Recommend parking the Front St. Garage; take the Skywalk from the garage over to the Nationwide Plazas. Signs will be posted.

'''General Session Topic: Introduction to OWASP'''

'''Who:''' Chris Hayes (Nationwide, CISSP, OWASP Columbus, OH Chapter Leader)

OWASP plays a special role in the application security ecosystem, is vehicle for sharing knowledge and lead best practices across organizations. As an example, OWASP is a community of people passionate about application security. We all share a vision of a world where you can confidently trust the software you use. One of our primary missions is to make application security visible so that people can make informed decisions about risk.
OWASP is the most authoritative and resourceful application security organization to share and open source tools, documents, basic information, guidelines, presentations projects worldwide. The OWASP Top Ten list includes a reference for most critical web application security flaws compiled by a variety of security experts from around the world. The list is recommended by U.S. Federal Trade Commission, the U.S. Defense Information Systems Agency and is adopted by Payment Card Industry (PCI) as a requirement for security code reviews.
Through OWASP you’ll find a rich community of people to connect through mailing lists, participating in the local chapters, and attending conferences.
The people involved in OWASP recognize the world’s software is most likely getting less and less secure. As we increase our interconnections and use more and more powerful computing technologies, the likelihood of introducing vulnerabilities increases exponentially.
Whatever the internet becomes, OWASP can play a key role in making sure that it is a place we can trust. This meeting will provide an opportunity to meet local OWASP affiliates and members and know more about how to contribute to OWASP.

'''Specific Session Topic: Details Forthcoming'''

[[Category:OWASP Chapter]]

Columbus

2008-02-16T12:59:35Z

Echo5haiz:

Columbus

2007-12-29T00:48:22Z

Echo5haiz:

Columbus

2007-12-28T12:16:06Z

Echo5haiz:

{{Chapter Template|chaptername=Columbus, OH|extra=The chapter leader is [mailto:HAYESC8(at)nationwide.com Chris Hayes]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-columbus|emailarchives=http://lists.owasp.org/pipermail/owasp-columbus}}

== Local News ==
'''12/28/2007 – NOTICE – The Columbus OWASP chapter is just now getting started!'''
The chapter web page will be updated in the coming weeks with new information. In the meantime, please subscribe to the [http://lists.owasp.org/mailman/listinfo/owasp-columbus mailing list] to get meeting announcements and other chapter updates as they become available. Tentatively, we are targeting our first meeting to occur between late Feb and mid-March 2008. Stay tuned!

[[Category:OWASP Chapter]]

Columbus

2007-12-28T01:55:09Z

Echo5haiz: