OWASP - User contributions [en]

Detroit

2013-12-04T18:37:57Z

Josh Little:

{{Chapter Template|chaptername=Detroit|extra=The chapter leaders are [mailto:josh.little@owasp.org Josh Little] and [mailto:jwgoerlich@owasp.org J. Wolfgang Goerlich].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-detroit|emailarchives=http://lists.owasp.org/pipermail/owasp-detroit}}

== Local News ==

=== Meetings ===

Our next meeting is on '''December 12th'''. That meeting will be held at the First Center Building, 26911 Northwestern Highway
Southfield, MI 48033 starting at 7pm.

This month presenter is Jeremy Neilson (@jeremyneilson) who will be discussing applying SEIM/IDS defenses to web applications:

Susie the Useful SOC Puppet: A blue-team bedtime story.

Susie spends her days looking at logs. Lots and lots of logs. But one day Susie discovered there was more to being a SOC puppet than just looking for APT1. Follow Susie and her team of puppets as we cover a couple of real-world attack scenarios and how we can apply our IDS alert findings to securing our vulnerable web applications.

This month's OWASP Meeting Space was provided by:

[[File:VioPoint_Logo.png|link=http://www.viopoint.com]]

=== Previous Meetings ===

March 4th:

* Introductions
* Chapter and OWASP Updates
* Presentation: Will Vandevanter: Amazon S3 Bucket Security
* Discussion and Questions

December 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Introducing Security into SDLC, Kevin Poniatowski
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=jH3TfYvraOQ http://www.youtube.com/watch?v=jH3TfYvraOQ]

September 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Covert Channels and Controls in .NET, J Wolfgang Goerlich
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=BgpwNeLg3aI Covert Channels and Controls in .NET]

June 14th Agenda:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: SQL Methadone: A guide on not becoming the web equivalent of a gutter punk, Brad McMahon
* Discussion and Questions

March 8th Agenda:

*Introductions
*Overview of OWASP & Chapter Direction
*Presentation: Finding, Exploiting, and Eliminating XSS Flaws, Josh Little
*Discussion and Questions

'''Video:''' [http://youtu.be/k5mEYxn9ehs XSS Files Video] <-- Note: The audio did not come out that clear in this recording. We apologize for that.

'''Slides:''' [http://michsec.org/wp-content/uploads/2012/03/OWASP-XSS.pptx XSS Files PPTX]

===Social Media===

To keep up with the Detroit Chapter, please subscribe to our mailing list above. You can also follow us on Twitter ([https://twitter.com/#!/OWASPDetroit @OWASPDetroit]).

[[Category:OWASP Chapter]]
[[Category:Michigan]]

File:VioPoint Logo.png

2013-12-04T18:36:04Z

Josh Little:

Detroit

2013-03-05T16:35:19Z

Josh Little:

{{Chapter Template|chaptername=Detroit|extra=The chapter leaders are [mailto:josh.little@owasp.org Josh Little] and [mailto:jwgoerlich@owasp.org J. Wolfgang Goerlich].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-detroit|emailarchives=http://lists.owasp.org/pipermail/owasp-detroit}}

== Local News ==

=== Meetings ===

Our next meeting is on '''March 14th'''. That meeting will again be held at Liberty Center One, 4815 Delemere Avenue, Royal Oak starting at 7pm.

This month we've got some hot topics that our presenter isn't even able to talk about yet! Will Vandevanter will be presenting on some original research surronding Amazon's S3 services. What he can say is:

"This presentation will discuss a recent research project analyzing Amazon S3 Bucket security. It will review common misconfigurations ultimately leading to large amounts of exposed data along with best practice for securing data in the Amazon S3 cloud."

Will Vandevanter is a Lead Penetration Tester at Rapid7. He enjoys a good web app pen test and beers of the cold variety. He has previously spoken at Defcon, BSides, SOURCE, and local meetups. He'll be going us over the magic of modern telecommunications. This event WILL NOT be recorded, so see it or regret it.

'''Workshop''': On March 16th, as part of the MiSec/OWASP Detroit monthly workshop series, Josh Little will be presenting an hands-on workshop on the basics of web application assessment. Registration is required (and limited), but the workshop itself is free. Registration is available at [http://www.eventbrite.com/event/5680869634 Eventbrite].

=== Previous Meetings ===

December 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Introducing Security into SDLC, Kevin Poniatowski
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=jH3TfYvraOQ http://www.youtube.com/watch?v=jH3TfYvraOQ]

September 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Covert Channels and Controls in .NET, J Wolfgang Goerlich
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=BgpwNeLg3aI Covert Channels and Controls in .NET]

June 14th Agenda:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: SQL Methadone: A guide on not becoming the web equivalent of a gutter punk, Brad McMahon
* Discussion and Questions

March 8th Agenda:

*Introductions
*Overview of OWASP & Chapter Direction
*Presentation: Finding, Exploiting, and Eliminating XSS Flaws, Josh Little
*Discussion and Questions

'''Video:''' [http://youtu.be/k5mEYxn9ehs XSS Files Video] <-- Note: The audio did not come out that clear in this recording. We apologize for that.

'''Slides:''' [http://michsec.org/wp-content/uploads/2012/03/OWASP-XSS.pptx XSS Files PPTX]

===Social Media===

To keep up with the Detroit Chapter, please subscribe to our mailing list above. You can also follow us on Twitter ([https://twitter.com/#!/OWASPDetroit @OWASPDetroit]).

[[Category:OWASP Chapter]]
[[Category:Michigan]]

Detroit

2012-12-14T14:22:53Z

Josh Little:

{{Chapter Template|chaptername=Detroit|extra=The chapter leaders are [mailto:josh.little@owasp.org Josh Little] and [mailto:jwgoerlich@owasp.org J. Wolfgang Goerlich].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-detroit|emailarchives=http://lists.owasp.org/pipermail/owasp-detroit}}

== Local News ==

=== Meetings ===

Our next meeting is on '''December 13th'''. That meeting will again be held at Liberty Center One, 4815 Delemere Avenue, Royal Oak starting at 7pm.

This month's speaker is Kevin Poniatowski who will be presenting on integrating security into SDLC processes, for both small and large development teams:

Adding security into your SDLC can be an intimidating task for a development team that is asking, "Where do we start?". This talk will introduce some of the most beneficial security practices that can be added to an SDLC, how they can be implemented within a large or small development team, and describe their time footprint within a development schedule.

Kevin Poniatowski began his information technology career by working for over eleven years as an application developer in the defense industry. Focusing on safety of flight issues for pilots and navigators within our armed forces led him into the application security field where he has spent the last five years teaching application security to developers, testers, and project managers from some of the largest organizations in the world. Kevin is currently the Director of Instructor led Services for Safelight Security.

'''Update:''' The video from the Dec 13th meeting is available at [http://www.youtube.com/watch?v=jH3TfYvraOQ http://www.youtube.com/watch?v=jH3TfYvraOQ]

=== Previous Meetings ===

September 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Covert Channels and Controls in .NET, J Wolfgang Goerlich
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=BgpwNeLg3aI Covert Channels and Controls in .NET]

June 14th Agenda:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: SQL Methadone: A guide on not becoming the web equivalent of a gutter punk, Brad McMahon
* Discussion and Questions

March 8th Agenda:

*Introductions
*Overview of OWASP & Chapter Direction
*Presentation: Finding, Exploiting, and Eliminating XSS Flaws, Josh Little
*Discussion and Questions

'''Video:''' [http://youtu.be/k5mEYxn9ehs XSS Files Video] <-- Note: The audio did not come out that clear in this recording. We apologize for that.

'''Slides:''' [http://michsec.org/wp-content/uploads/2012/03/OWASP-XSS.pptx XSS Files PPTX]

===Social Media===

To keep up with the Detroit Chapter, please subscribe to our mailing list above. You can also follow us on Twitter ([https://twitter.com/#!/OWASPDetroit @OWASPDetroit]).

[[Category:OWASP Chapter]]
[[Category:Michigan]]

Detroit

2012-11-30T15:51:34Z

Josh Little:

{{Chapter Template|chaptername=Detroit|extra=The chapter leaders are [mailto:josh.little@owasp.org Josh Little] and [mailto:jwgoerlich@owasp.org J. Wolfgang Goerlich].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-detroit|emailarchives=http://lists.owasp.org/pipermail/owasp-detroit}}

== Local News ==

=== Meetings ===

Our next meeting is on '''December 13th'''. That meeting will again be held at Liberty Center One, 4815 Delemere Avenue, Royal Oak starting at 7pm.

This month's speaker is Kevin Poniatowski who will be presenting on integrating security into SDLC processes, for both small and large development teams:

Adding security into your SDLC can be an intimidating task for a development team that is asking, "Where do we start?". This talk will introduce some of the most beneficial security practices that can be added to an SDLC, how they can be implemented within a large or small development team, and describe their time footprint within a development schedule.

Kevin Poniatowski began his information technology career by working for over eleven years as an application developer in the defense industry. Focusing on safety of flight issues for pilots and navigators within our armed forces led him into the application security field where he has spent the last five years teaching application security to developers, testers, and project managers from some of the largest organizations in the world. Kevin is currently the Director of Instructor led Services for Safelight Security.

=== Previous Meetings ===

September 13th:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: Covert Channels and Controls in .NET, J Wolfgang Goerlich
* Discussion and Questions

'''Video:''' [http://www.youtube.com/watch?v=BgpwNeLg3aI Covert Channels and Controls in .NET]

June 14th Agenda:

* Introductions
* Chapter and OWASP Global Updates
* Presentation: SQL Methadone: A guide on not becoming the web equivalent of a gutter punk, Brad McMahon
* Discussion and Questions

March 8th Agenda:

*Introductions
*Overview of OWASP & Chapter Direction
*Presentation: Finding, Exploiting, and Eliminating XSS Flaws, Josh Little
*Discussion and Questions

'''Video:''' [http://youtu.be/k5mEYxn9ehs XSS Files Video] <-- Note: The audio did not come out that clear in this recording. We apologize for that.

'''Slides:''' [http://michsec.org/wp-content/uploads/2012/03/OWASP-XSS.pptx XSS Files PPTX]

===Social Media===

To keep up with the Detroit Chapter, please subscribe to our mailing list above. You can also follow us on Twitter ([https://twitter.com/#!/OWASPDetroit @OWASPDetroit]).

[[Category:OWASP Chapter]]
[[Category:Michigan]]

Detroit

2012-10-29T17:05:50Z

Josh Little:

Detroit

2012-08-07T16:50:13Z

Josh Little:

Detroit

2012-08-07T16:47:33Z

Josh Little:

Detroit

2012-05-15T16:42:01Z

Josh Little:

Detroit

2012-05-14T16:47:26Z

Josh Little:

Detroit

2012-03-15T16:27:37Z

Josh Little:

Detroit

2012-02-24T20:49:01Z

Josh Little:

Detroit

2012-02-05T21:42:00Z

Josh Little:

Detroit

2012-01-25T21:37:14Z

Josh Little:

Detroit

2012-01-25T21:33:00Z

Josh Little: