|
|
| Line 8: |
Line 8: |
| | =2007 MEETINGS= | | =2007 MEETINGS= |
| | | | |
| − | ==APRIL 17th 6pm-9pm EST== | + | ==April 8, Sunday, 10:30am-12:00pm EST== |
| | '''WHERE''' | | '''WHERE''' |
| − |
| |
| − | [http://www.ubs.com UBS] - 499 Washington Ave, Jersey City, NJ [http://tinyurl.com/2k9hnt DIRECTIONS]
| |
| − |
| |
| − | April Event Sponsors: [http://www.whitehatsec.com White Hat Security], [http://www.accessitgroup.com AccessIT Group], [http://www.ubs.com UBS], [http://www.xceedium.com/solutions/Solutions_SecurityContainment.php Xceedium], [http://en.wikipedia.org/wiki/Sponsor Your Company Here], [http://en.wikipedia.org/wiki/Sponsor Your Company Here]
| |
| − |
| |
| − | '''AGENDA'''
| |
| − |
| |
| − | <b><u>6:00pm - 7:00pm Speaker:</u> Marc Maiffret, Founder/CTO & Chief Hacking Officer </b>[http://www.eeye.com eEye Digital Security] As eEye Digital Security’s Co-Founder/CTO and Chief Hacking Officer, Marc Maiffret has been a driving force in the vision and continuous innovation for eEye’s product development and vulnerability research efforts since the company’s inception in 1998. Long regarded as a security expert and thought leader in vulnerability assessment and endpoint security, Marc Maiffret also leads the efforts of eEye’s world renowned Research Team. In addition, Mr. Maiffret speaks regularly on the state of security across the globe, including several appearances before Congress, where he has testified on information policies and security threats posed to both public and private infrastructures. Mr. Maiffret’s role in vulnerability research, education and product innovation has been reflected in the numerous awards and distinguishments that eEye Digital Security continuously receives.
| |
| − |
| |
| − | <b>Abstract: “It’s More Than a Microsoft World.”</b>
| |
| − | In his presentation, he will discuss the state of security and the changing nature of threats as he details why, Software vendors such as Microsoft, Apple, Symantec, IBM and McAfee are increasingly plagued with critical exploits and zero-day attacks. As the window of remediation decreases and the attack target widens, security response teams fall short of the finish line, leaving millions of users vulnerable. Mr. Maiffret will explain the evolution of attack vectors and their impact on the nature of security, the challenge facing software vendors and the overall impact this cycle of events has on network security professionals today.
| |
| − |
| |
| − | --
| |
| − |
| |
| − | <b><u>7:00 - 8:00pm Speaker Tom Brennan </u> - NY/NJ OWASP Metro President/AccessIT Group Risk Practice Manager - [http://www.accessitgroup.com AccessIT]</b>. Tom Brennan specializes in providing business risk assessments and penetration testing of critical IT infrastructures. His technical focus includes web application, VOIP and Wireless. Tom’s assessment methodology is based on the National Security Agency INFOSEC Assessment Methodology and the Open Source Security Testing Methodology Manual (OSSTMM). Tom is has been featured on NYC Channel 5, Channel 7 as a subject matter security expert
| |
| − |
| |
| − | <b>Abstract: OWASP Version 2 Testing Guide</b>
| |
| − | This talk will discuss the co-authored release of the new OWASP Testing Guide. The open-source (free) goal was to create a "best practices" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes how to find certain issues. [http://www.owasp.org/index.php/Image:OWASP_Testing_Guide_v2_pdf.zip Get Your Copy NOW]
| |
| − | Tom will also discuss the OWASP chapter goals for 2007 and results of the 2007 member survey.
| |
| − |
| |
| − | --
| |
| − |
| |
| − | <b><u>8:00pm - 9:00pm Speaker</u> Jeremiah Grossman, Founder/CTO - [http://www.whitehatsec.com White Hat]</b>
| |
| − | Mr. Grossman founded WhiteHat Security in 2001. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of web applications. As one of the world's busiest web properties, with over 17,000 web servers for customer access and 600 web applications, the highest level of security was required. Before Yahoo!, Mr. Grossman worked for Amgen, Inc.
| |
| − |
| |
| − | <b>Abstract: “HACKING INTRANET WEBSITES FROM THE OUTSIDE” </b>
| |
| − | This hour-long presentation will feature Jeremiah Grossman, WhiteHat Security Founder and CTO.
| |
| − | Mr. Grossman will demonstrate: How a user is first infected or attacked using a malicious Web page or Cross-Site Scripting vulnerability; How a Web browser can be completely controlled or monitored remotely. How a Web browser can be used as a stepping stone to perform network reconnaissance on internal networks; and,
| |
| − | How to exploit internal machines using a compromised Web browser
| |
| − |
| |
| − | --
| |
| − |
| |
| − | After the event you are invited to walk several doors down to <b>Dorrians Tavern</b> where we will continue networking with your industry peers over a pint. "Cheers"
| |
| − |
| |
| − | [http://tinyurl.com/2k9hnt DIRECTIONS]
| |
| − |
| |
| − | For Mass transit, the Pavonia Ave Path stop is across the street and the
| |
| − | Pavonia / Newport Mall Light Rail is behind the building.
| |
| − |
| |
| − | Driving Directions to Newport
| |
| − |
| |
| − | From Holland Tunnel - At the first light out of the Tunnel, make a right
| |
| − | (by the Gas Station). At the next light, make a right onto 18th Street.
| |
| − | 18th Street will turn into Washington Boulevard. At the fourth light,
| |
| − | make a right onto 6th Street. Take the next right onto Mall Drive East.
| |
| − | Open parking lot is straight ahead.
| |
| − |
| |
| − | From Lincoln Tunnel - Upon exiting the Tunnel, immediately get into the
| |
| − | far right lane. Follow the Hoboken exit sign and ramp. At the first
| |
| − | light, the street becomes Willow Avenue. Continue straight through the
| |
| − | light. Proceed on Willow Avenue for approximately 1.5 miles. Continue to
| |
| − | the end. Turn right onto Observer Highway. At the first light, Henderson
| |
| − | Avenue, turn left. Stay on Henderson Avenue, under rail tracks, at first
| |
| − | light, 18th Street, turn left. Continue on 18th Street which turns into
| |
| − | Washington Boulevard.
| |
| − |
| |
| − | From New Jersey Turnpike - Take the NJ Turnpike to exit 14C, the Holland
| |
| − | Tunnel. After the toll, continue toward the Holland Tunnel. At the
| |
| − | bottom of the ramp, turn right onto Jersey Avenue. Then immediately bear
| |
| − | left up Newport Centre Mall ramp. Follow signs to the Parking Garage.
| |
| − |
| |
| − | From Garden State Parkway North - Exit at Route 22 Eastbound Exit 140.
| |
| − | Stay on Route 22 East until Route 1&9 North onto the Pulaski Skyway. At
| |
| − | the bottom of ramp, coming off Skyway going to the Holland Tunnel turn
| |
| − | right. Immediately bear left up the ramp to Newport Centre Mall.
| |
| − |
| |
| − | From Garden State Parkway South - Exit at Parkway at Exit 145 onto Route
| |
| − | 280 East. Stay on Route 280 until it ends. Then take Route 508 towards
| |
| − | Jersey City. Route 508 joins Route 7, then after crossing bridges at the
| |
| − | first traffic circle follow Route 1&9 North to Holland Tunnel. At the
| |
| − | bottom of the ramp, turn right onto Jersey Avenue. Then bear to your
| |
| − | left up the ramp to Newport Centre.
| |
| − |
| |
| − | From Route 3 (Eastbound) - Follow Route 3 towards Lincoln Tunnel/NYC.
| |
| − | Stay in the far right lane. Exit at the Weehawken/Hoboken Exit ramp. Go
| |
| − | through first traffic light bear slightly right to proceed down the
| |
| − | hill. At the botton of the hill bear right again proceeding on the
| |
| − | Boulevard. Follow to the end and make a right onto 14th Street. Then
| |
| − | make the first left onto Willow Ave. Proceed on Willow Avenue for
| |
| − | approximately 1.5 miles. Continue to the end. Turn right onto Observer
| |
| − | Highway. At the first light, Henderson Avenue, turn left. Stay on
| |
| − | Henderson Avenue, under rail tracks, at first light, 18th Street, turn
| |
| − | left. Continue on 18th Street which turns into Washington Boulevard.
| |
| − | Stay in right lane and continue on into Newport Centre Mall Parking
| |
| − | Garage.
| |
| − |
| |
| − | From George Washington Bridge - Follow the sign off the bridge for NJ
| |
| − | Turnpike South. Take NJ Turnpike to Route 78 East, Exit 14-14C. Exit
| |
| − | main Turnpike onto Route 78 East for 14C-Holland Tunnel. After the toll
| |
| − | at 14C continue towards the Holland Tunnel. At the bottom of the ramp
| |
| − | going to the Holland Tunnel Plaza, at first light, make right onto
| |
| − | Jersey Avenue. Then immediately bear left up the ramp to Newport Centre
| |
| − | Mall.
| |
| − |
| |
| − | <hr>
| |
| − |
| |
| − | ==JUNE==
| |
| − | '''WHERE'''
| |
| − | TBD [http://maps.google.com DIRECTIONS] - [http://fs19.formsite.com/NJOWASP/RSVP RSVP]
| |
| − |
| |
| − | '''TOPICS'''
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | <hr>
| |
| − |
| |
| − | ==SEPTEMBER==
| |
| − | '''WHERE'''
| |
| − | TBD [http://maps.google.com DIRECTIONS] - [http://fs19.formsite.com/NJOWASP/RSVP RSVP]
| |
| − |
| |
| − | '''TOPICS'''
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | <hr>
| |
| − |
| |
| − | ==NOVEMBER==
| |
| − | '''WHERE'''
| |
| − | TBD [http://maps.google.com DIRECTIONS] - [http://fs19.formsite.com/NJOWASP/RSVP RSVP]
| |
| − |
| |
| − | '''TOPICS'''
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]
| |
| − |
| |
| − | <hr>
| |
| − |
| |
| − | The chapter mailing address is:
| |
| − | NY/NJ Metro OWASP
| |
| − | 759 Bloomfield Ave #172
| |
| − | West Caldwell, New Jersey 07006
| |
| − | General: 973-202-0122
| |
| − | | |
| − |
| |
| − | ==Sponsors==
| |
| − | [[Image:Proginet_logo_color.gif]]
| |
| − | [[http://www.proginet.com Proginet Corporation]]
| |
| − |
| |
| − | ==External links==
| |
| − | * [http://www.qualityit.net/Resources/WhitePapers/IEEEP1074-2005-RoadmapForOptimizingSecurityInTheSystemAndSoftwareLifeCycle.pdf IEEE considers security as a software lifecycle development requirement]
| |
| − | * [http://usa.visa.com/download/business/accepting_visa/ops_risk_management/cisp_PCI_Data_Security_Standard.pdf OWASP is a recommended secure coding guideline in PCI DSS]
| |
| − | * [http://www.ietf.org/rfc/rfc2828.txt Internet Security Glossary]
| |
| − | * [http://www.cio.com/archive/030107/fea_security.html Bad Neighborhood from CIO magazine]
| |
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
