(22 intermediate revisions by 5 users not shown) |
Line 1: |
Line 1: |
− | {{Chapter Template|chaptername=NY/NJ |extra= | mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-newjersey|emailarchives=http://lists.owasp.org/pipermail/owasp-newjersey}}
| + | = OWASP Northern New Jersey = |
| | | |
− | ==OCTOBER 25th 2007 MEETING==
| + | <h2>[https://www.meetup.com/owaspnycnj/ https://www.owasp.org/images/8/82/Meetup_logo3.jpg] [https://www.meetup.com/owaspnycnj/ New Jersey Chapter] |
− | Full Day, information security summit happening in New Jersey on October 25th. At this all day event, learn from industry experts on topics of information security. There is no charge for this event however <b> YOU MUST RSVP </b> if you are not on the RSVP list or have Photo ID, Verizon Security will NOT PERMIT YOU IN THE BUILDING.
| |
− | | |
− | ===PRIMARY SPONSOR: [http://aboutus.vzw.com/aboutusoverview.html VERIZON WIRELESS]===
| |
− | COSPONSORS: <b>[http://www.mcafee.com McAfee] --- [http://intrepidusgroup.com Intrepidus Group] --- [http://www.accessitgroup.com/services/security.php AccessIT Group] --- [http://www.symantec.com Symantec] --- [http://www.mandiant.com Mandiant] --- [http://www.whitehatsec.com WhiteHat] --- [http://www.cenzic.com Cenzic] </b>
| |
− | | |
− | <b>Meeting Address:</b> 295 N Maple Ave, Basking Ridge, NJ 07920 ~ [http://tinyurl.com/2vuh7f Directions]
| |
− | <b><u>October 25th 8:30am-5:00pm </u></b>
| |
− | | |
− | --
| |
− | | |
− | 8:30am - 9:00am - Security Check-In / Breakfast / TechExpo / Peer-to-Peer Networking ;)
| |
− | | |
− | ---
| |
− | | |
− | 9:00am - 09:30am - What is OWASP? Speakers: <b>Board Members OWASP NYC Metro</b>
| |
− | | |
− | ---
| |
− | | |
− | 09:30am - 10:00am - Keynote Speaker: <b>Renato Delatorre</b>, Verizon
| |
− | | |
− | ---
| |
− | | |
− | 10:30am - 11:30am - TOPIC: <b>Ready...Set...Click </b> We can no longer think about consumer interaction and security as two different topics on opposite ends of the spectrum. They're two very important and very inter-related topics that affect everyone. The speech will describe real world flaws, poorly designed security and what hackers are doing to exploit today's websites. Lastly, it will show some forward thinking mitigation tactics.
| |
− | | |
− | SPEAKER: <b>Robert "RSnake" Hansen</b>
| |
− | Robert has worked in the security industry since the mid 1990s and helped pioneer leading banner advertising and click fraud detection solutions. During his tenure at eBay, Mr. Hansen worked on anti-cross site scripting, anti-phishing, anti-virus and web application intrusion detection and countermeasures and was directly responsible for the company's entire authentication architecture. For many years he ran the managed security services product lines for Cable & Wireless. He has spoken at Blackhat, Microsoft's Bluehat, the Rotary, OWASP, the Gartner security round table and at Networld+Interop. He is a member of WASC, OWASP, ISC2, APWG and ISSA.
| |
− | | |
− | ---
| |
− | | |
− | 11:45 - 12:15pm - TOPIC: <b>Dig Your Own Hole: 12 Ways to Go Wrong with Java Security</b> This session explores 12 of the most common security traps in Java. This session doesn’t include a review of 10–year–old guidelines for writing secure applets with JDK 1.1. Instead, it looks at causes of security failures in modern Java–based applications. Approaching security with an “outside in” style, it looks at vulnerabilities from a developer’s perspective, focusing on the source code.
| |
− | | |
− | SPEAKER: <b>Eric Cabetas</b>
| |
− | | |
− | ---
| |
− | | |
− | 12:15pm - 1:00pm LUNCH / Peer-to-Peer Networking / RAFFLES
| |
− | | |
− | ---
| |
− | | |
− | 1:00pm - 1:30pm TOPIC: <b>Network Based Infection Detection</b> This talk will focus on new techniques developed at Polytechnic as a research project.
| |
− | | |
− | SPEAKER: <b>Professor Nasir Memon </b> Department of Computer and Information Science of Polytechnic Univ.
| |
− | | |
− | ---
| |
− | | |
− | 1:45pm - 2:15pm TOPIC: <b>Mobile Phone Security: Past, Present, and Future</b>
| |
− | | |
− | SPEAKER: <b>Corey Benninger</b>
| |
− | | |
− | ---
| |
− | | |
− | 2:30pm - 3:00 TOPIC: <b>VOIP - Can you hear me now?</b> This talk will focus on VOIP and its security. This talk will educate you concerning SIP and scare you at the same time ;) as seen by many at Blackhat 2007'
| |
− | | |
− | SPEAKER: <b>Paul Rohmeyer Ph.D.</b>
| |
− | | |
− | ---
| |
− | | |
− | 3:15 - 3:45pm TOPIC: <b>Cutting Edge Application Analysis</b> New techniques to test web applications will be discussed
| |
− | | |
− | SPEAKER: <b> Frank Gardner </b>
| |
− | | |
− | ---
| |
− | | |
− | 4:00 - 4:30pm TOPIC: <b>Web Application Threats</b> This talk will demostrate application security falws (hehe) commonly found in web applications and the reasons for them. SQL Injection, Cross Site Scripting and more as outlined in the [http://www.owasp.org/index.php/Top_10_2007 OWASP-Top 10]
| |
− | | |
− | SPEAKER: <b>Dennis Hurst</b>
| |
− | | |
− | ---
| |
− | | |
− | 4:45 - 5:15pm TOPIC: <b>BS7799/ISO17799/ISO27001 What is it... Why do you care?</b> Organizations may be certified compliant with ISO 27001 by a number of accredited certification bodies worldwide. Certification against any of the recognized national variants of ISO 27001 (e.g. the Japanese version) by an accredited certification body is functionally equivalent to certification against ISO 27001 itself. Certification audits are usually led/conducted by ISO 27001 Lead Auditors.
| |
− | | |
− | SPEAKER: <b>Mahi Dontamsetti</b>
| |
− | | |
− | <b><CENTER> [http://fs7.formsite.com/OWASP/form185709121/index.html RSVP NOW] </CENTER></b>
| |
− | | |
− | <hr>
| |
− | | |
− | To submit educational topic for upcoming meeting please provide submit your powerpoint using the [http://www.owasp.org/images/5/54/Presentation_template.ppt OWASP Template] and include a speaker BIO. If you wish to become a sponsor or co-sponsor please click on one of the below email addresses of our active board members.
| |
− | | |
− | = NY/NJ OWASP Chapter Leaders =
| |
− | <ul>
| |
− | Officers
| |
− | *<b>President:</b> [mailto:jinxpuppy(at)gmail.com Tom Brennan]
| |
− | *<b>Vice President:</b> [mailto:pperfetti(at)nba.com Pete Perfetti]
| |
− | *<b>Secretary:</b> [mailto:santoniewicz(at)net2s.com Steve Antoniewicz]
| |
− | *<b>Treasurer:</b> [mailto:mdontamsetti(at)gmail.com Mahi Dontamsetti]
| |
− | Board of Directors
| |
− | *<b>Board Member:</b> [mailto:tom.ryan(at)providesecurity.com Tom Ryan]
| |
− | *<b>Board Member:</b> [mailto:pstern100(at)gmail.com Peter Stern]
| |
− | *<b>Board Member:</b> [mailto:KReiter(at)insidefsi.net Kevin Reiter]
| |
− | *<b>Board Member:</b> [mailto:BrianPei(at)yahoo.com Brian Peister]
| |
− | *<b>Board Member:</b> [mailto:dougshin(at)gmail.com Douglas Shin]
| |
− | Educational Advisors
| |
− | *<b>New Jersey Institute of Technology:</b> [mailto:oe2(at)njit.edu Osama Eljabiri]
| |
− | *<b>Polytechnic University:</b> [mailto:memon(at)poly.edu Nasir Memon]
| |
− | </ul>
| |
− | | |
− | | |
− | The chapter mailing address is:
| |
− | | |
− | NY/NJ Metro OWASP
| |
− | 759 Bloomfield Ave #172
| |
− | West Caldwell, New Jersey 07006 <br>
| |
− | 973-202-0122
| |
− | <br>
| |
− | <br>
| |
− | [https://fs7.formsite.com/OWASP/form945832292/secure_index.html ONLINE PAYMENT OWASP NYC]
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | <br>
| |
− | [http://www.proactiverisk.com ~]
| |
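Review bot: On the added heading line, `<h2>` is opened but no closing `</h2>` appears in the visible lines, and it sits directly under a wiki-syntax heading (`= OWASP Northern New Jersey =`). Use one convention, for example `== ... ==`, so an unclosed tag cannot swallow the content that follows. The same change removes the `{{Chapter Template ...}}` call with its `mailinglistsite` and `emailarchives` parameters, the chapter leaders list and the chapter mailing address, and none of the visible added lines replaces them. If the mailing list and contacts are still current, keep a link to them, and consider moving the October 25th 2007 agenda to a past-events page rather than deleting it.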