This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Los Angeles Presentation Archive"
From OWASP
Sarah Baso (talk | contribs) |
|||
(43 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
This page contains slides from OWASP Los Angeles Chapter Meetings: | This page contains slides from OWASP Los Angeles Chapter Meetings: | ||
+ | ==2018== | ||
+ | * December - | ||
+ | * November - | ||
+ | * October - | ||
+ | * September - Brian Knopf: [https://www.owasp.org/images/6/67/OWASP_LA_Hunting_For_The_Next_IoT-Your_Vulns_Are_Not_A_Paradigm_Shift_Brian_Knopf_2018_09.pdf Hunting for the next IoT - Your Vulns are not a Paradigm Shift] | ||
+ | * August - Jim Manico: Why are we still talking about Cross Site Scripting in 2018? [https://www.owasp.org/images/c/ce/OWASP_LA_The_Last_XSS_Defense_Talk_Jim_Manico_2018_08.pdf The Last XSS Defense Talk] | ||
+ | * July - Kevin Gosschalk: How Bots Decide What You Can Buy and How Much You'll Pay | ||
+ | * June - Anant Kadiyala: Blockchain as Security Mechanism for Real World IoT | ||
+ | * May - Pieter Danheiux: Improving Software Security in an Agile Environment | ||
+ | * April - Jason Patterson: Cloud Security/Containers | ||
+ | * March - Ira Winkler: Incorporating Security Practices into Business Processes | ||
+ | * February - Justin Regele: Better Git Hacking; Extracting “deleted” secrets from Git databases with Grawler | ||
+ | * January - [https://2018.appseccalifornia.org Appsec California 2018] | ||
+ | |||
+ | ==2017== | ||
+ | * December - Joint Holiday Celebration with ISSA-LA & CSA LA: Infosec Trivia Night | ||
+ | * November - Robert Lee: Detect and Contain: [//www.owasp.org/images/a/af/OWASP_LA_Robert_Lee_Combating_Account_Takeover_2017_11.pdf Combating Account Takeover] | ||
+ | * October - Mahesh Babu: [https://www.owasp.org/images/5/5b/OWASP_LA_Struts%2C_OSS_and_You_Mahesh_Babu_2017_10.pdf Struts, OSS & You] | ||
+ | * September - Scott Stender: [https://www.owasp.org/images/0/0e/OWASP_LA_Securely_Deploying_TLS_1.3_Scott_Stender_2017_09.pdf Securely Deploying TLS 1.3] | ||
+ | * August - Mike Milner: Law & Order: Observing and Protecting Web Applications ('''''Coming Soon''''') | ||
+ | * July - David Caissy: [https://www.owasp.org/images/6/6a/OWASP_LA_New_OWASP_Top_10_David_Caissy_2017_07.pdf The New and Improved OWASP Top 10] | ||
+ | * June - Panel Discussion: [[Media:OWASP LA Panel - Produce Secure Software 2017 06.pdf|What DOES it Take to Produce Secure Software]] | ||
+ | * May - Shane MacDougall: [[:Media:OWASP LA Threat Intel Shane MacDougall 2017 05.pdf|Threat Intelligence on the Cheap]]; Stuart Schwartz: [[Media:OWASP LA Security News Stuart Schwartz 2017 05.pdf|Security in the News]] | ||
+ | * April - Jack Mannino: Security In The Land of Microservices ('''''please contact speaker for a copy''''') | ||
+ | * March - Jeff Williams: [[Media: Jeff.Williams 2017-03 OWASP Cali Chapters.pdf | Turning Security into Code with Dynamic Binary Instrumentation]] | ||
+ | * February - Eli Mezei: [[:Media:OWASP LA Hacking Hospitals Eli Mezei 2017 02.pdf|Hacking Healthcare]] | ||
+ | * January - [https://2017.appseccalifornia.org Appsec California 2017] | ||
+ | |||
+ | ==2016== | ||
+ | * December - | ||
+ | * November - | ||
+ | * October - | ||
+ | * September - | ||
+ | * August - | ||
+ | * July - | ||
+ | * June - | ||
+ | * May - | ||
+ | * April - | ||
+ | * March - | ||
+ | * February - | ||
+ | * January - | ||
+ | |||
+ | ==2015== | ||
+ | * December - | ||
+ | * November - | ||
+ | * October - | ||
+ | * September - | ||
+ | * August - | ||
+ | * July - | ||
+ | * June - | ||
+ | * May - | ||
+ | * April - | ||
+ | * March - Jeff Williams: [[Media: Jeff.Williams_2015-03_OWASP_Cali_Chapters.pdf | Why Your AppSec Experts Are Killing You]] | ||
+ | * February - | ||
+ | * January - | ||
+ | |||
+ | ==2014== | ||
+ | * December - | ||
+ | * November - | ||
+ | * October - Virginia Mushkatblat: [[Media:OWASP_virginia.talk.pptx | Data Privacy Emerging Technologies]] | ||
+ | * September - | ||
+ | * August - | ||
+ | * July - | ||
+ | * June - | ||
+ | * May - | ||
+ | * April - Jeff Williams: [[Media:2014-04OWASPSoCalContinuous1.pptx| Stop Chasing Vulnerabilities – Getting Started with Continuous Application Security PPTX]] | ||
+ | * March - | ||
+ | * February - | ||
+ | * January - | ||
+ | |||
+ | ==2013== | ||
+ | * December - | ||
+ | * November - | ||
+ | * October - | ||
+ | * September - | ||
+ | * August - | ||
+ | * July - Edward Bonver: [[Media:Security of Mobile Ad Hoc and Wireless Sensor Networks.pdf| Security_of_Mobile_Ad_Hoc_and_Wireless_Sensor_Networks PDF]] | ||
+ | * June - | ||
+ | * May - | ||
+ | * April - | ||
+ | * March - | ||
+ | * February - | ||
+ | * January - | ||
+ | |||
+ | ==2012== | ||
+ | * January - Robert Zigweid: Security in the Cloud | ||
+ | |||
+ | <p></p> | ||
==2011== | ==2011== | ||
− | + | * June - Brian Chess: [[Media:Gray,_the_new_black.pptx|Gray, the new Black: Gray-Box Web Vulnerability Testing pptx]] | |
− | + | * May - Justin Collins: [[Media:Justin Collins-OWASPLA-Brakeman.pdf| Automated Detection of Security Flaws in Ruby on Rails Code]] | |
− | + | * April - Bryan Sullivan: NoSQL Security | |
− | + | * March - Liam O Murchu: STUXNET | |
− | + | * February - Scott Sutherland: Database Security in the Real World | |
− | + | * January - Samy Kamkar: [http://samy.pl/evercookie/ Evercookie: the Persistent Cookie] | |
− | * June | ||
− | * May | ||
− | * April | ||
− | * March | ||
− | * February | ||
− | * January | ||
− | |||
==2010== | ==2010== | ||
− | + | * December - Brian Robison and Sven Schrecker: Deep Dive into Web Application Scanning | |
− | * December | + | * November - Al Huizenga and Kyle Adams: Baking It In: Abuse-Resistant Web Applications |
− | * November | + | * October - Todd Calvert: Identity Management: federation and authorization |
− | * October | + | * October - Manoranjan (Mano) Paul: Sharks and Security |
− | * September | + | * September - Mike O. Villegas: Secure Coding Practices and Procedures, and Threat Modeling |
− | * August | + | * September - Edward Bonver: Threat Modeling at Symantec |
− | * July | + | * August - Dr. Jelena Mirkovic: DETER Project: Scientific, Safe and Simple CyberSecurity Research |
− | * June | + | * July - Samy Kamkar: How I Met Your Girlfriend: Entirely New Classes of Web Attacks |
− | * May | + | * June - Brendan Bellina: Shibboleth implementation at USC |
− | * April | + | * May - Neil Matatall: OWASP Top 10 and Enterprise Security API (ESAPI) |
− | * March | + | * April - Mike Bailey and Mike Murray: The intersection of social and technical attacks in Web 2.0 applications |
− | * February | + | * March - Michael Schrenk: BOOK PREVIEW: Webbots, Spiders, and Screen Scrapers SECOND EDITION |
− | * January | + | * February - Alex Stamos: Cloud Computing Security: Raining on the Trendy New Parade |
+ | * January - David M. N. Bryan: Do VLANs allow for good application security? | ||
==2009== | ==2009== | ||
− | *December - Michael Sutton: [[Media: | + | *December - Michael Sutton: [[Media:Sutton - Pulling The Plug-Security Risks in Next Generation Offline Web Apps - OWASP LA OC.pdf|Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications PDF]] |
− | *November - Brian Chess: [[Media: | + | *November - Brian Chess: [[Media:Watching software run 11.18.09.pptx| Watching Software Run pptx]] |
− | * October - Shankar Subramaniyan: [[Media: | + | * October - Shankar Subramaniyan: [[Media:ISO27001 OWASPLA Shankar 10212009.pdf|Enabling Compliance Requirements using Information Security Management System (ISMS) Framework (ISO27001) PDF]] |
* September - Marco Morana and Tony UcedaVelez: The Rise of Threat Analysis and the Fall of Compliance, Policies, and Standards in mitigating Web Application Security Risks | * September - Marco Morana and Tony UcedaVelez: The Rise of Threat Analysis and the Fall of Compliance, Policies, and Standards in mitigating Web Application Security Risks | ||
* August - Matt Tesauro: OWASP Live CD Demo and Q&A | * August - Matt Tesauro: OWASP Live CD Demo and Q&A | ||
Line 43: | Line 125: | ||
* June - Mikhael Felker: Information Warfare: Past, Present and Future | * June - Mikhael Felker: Information Warfare: Past, Present and Future | ||
* May - Jeremiah Grossman: [http://video.google.com/videoplay?docid=2875886330538461390 Top Ten Web Hacking Techniques of 2008] | * May - Jeremiah Grossman: [http://video.google.com/videoplay?docid=2875886330538461390 Top Ten Web Hacking Techniques of 2008] | ||
− | * April - David Campbell: [[Media: | + | * April - David Campbell: [[Media:DC ED OWASP XSS MAY2008 v1.0.pdf| XSS, Exploits and Defenses PDF]] |
* March - NETWORK SECURITY DINNER WITH ISSA - CISO'S Security Dashboard Panel | * March - NETWORK SECURITY DINNER WITH ISSA - CISO'S Security Dashboard Panel | ||
− | * February - Alex Stamos: [[Media: | + | * February - Alex Stamos: [[Media:Cloud Computing Security.pdf| Cloud Computing and Security PDF]] |
* January - Ben Walther: Building Security into the Test Organization | * January - Ben Walther: Building Security into the Test Organization | ||
==2008== | ==2008== | ||
− | + | * December - Samy Kamkar: [[Media:OWASP-WASCAppSec2007SanJose SamyWorm.ppt| The MySpace Worm ppt]] | |
− | * December - Samy Kamkar: [[Media:OWASP- | ||
* November - Stephan Chenette: A new web attack vector: Script Fragmentation | * November - Stephan Chenette: A new web attack vector: Script Fragmentation | ||
* October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances | * October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances | ||
* September - Ryan C. Barnett: The Web Hacking Incident Database (WHID) 2007 Report | * September - Ryan C. Barnett: The Web Hacking Incident Database (WHID) 2007 Report | ||
* August - Jeff Williams: Don't Write Your Own Security Code | * August - Jeff Williams: Don't Write Your Own Security Code |
Latest revision as of 04:31, 3 October 2018
This page contains slides from OWASP Los Angeles Chapter Meetings:
2018
- December -
- November -
- October -
- September - Brian Knopf: Hunting for the next IoT - Your Vulns are not a Paradigm Shift
- August - Jim Manico: Why are we still talking about Cross Site Scripting in 2018? The Last XSS Defense Talk
- July - Kevin Gosschalk: How Bots Decide What You Can Buy and How Much You'll Pay
- June - Anant Kadiyala: Blockchain as Security Mechanism for Real World IoT
- May - Pieter Danheiux: Improving Software Security in an Agile Environment
- April - Jason Patterson: Cloud Security/Containers
- March - Ira Winkler: Incorporating Security Practices into Business Processes
- February - Justin Regele: Better Git Hacking; Extracting “deleted” secrets from Git databases with Grawler
- January - Appsec California 2018
2017
- December - Joint Holiday Celebration with ISSA-LA & CSA LA: Infosec Trivia Night
- November - Robert Lee: Detect and Contain: Combating Account Takeover
- October - Mahesh Babu: Struts, OSS & You
- September - Scott Stender: Securely Deploying TLS 1.3
- August - Mike Milner: Law & Order: Observing and Protecting Web Applications (Coming Soon)
- July - David Caissy: The New and Improved OWASP Top 10
- June - Panel Discussion: What DOES it Take to Produce Secure Software
- May - Shane MacDougall: Threat Intelligence on the Cheap; Stuart Schwartz: Security in the News
- April - Jack Mannino: Security In The Land of Microservices (please contact speaker for a copy)
- March - Jeff Williams: Turning Security into Code with Dynamic Binary Instrumentation
- February - Eli Mezei: Hacking Healthcare
- January - Appsec California 2017
2016
- December -
- November -
- October -
- September -
- August -
- July -
- June -
- May -
- April -
- March -
- February -
- January -
2015
- December -
- November -
- October -
- September -
- August -
- July -
- June -
- May -
- April -
- March - Jeff Williams: Why Your AppSec Experts Are Killing You
- February -
- January -
2014
- December -
- November -
- October - Virginia Mushkatblat: Data Privacy Emerging Technologies
- September -
- August -
- July -
- June -
- May -
- April - Jeff Williams: Stop Chasing Vulnerabilities – Getting Started with Continuous Application Security PPTX
- March -
- February -
- January -
2013
- December -
- November -
- October -
- September -
- August -
- July - Edward Bonver: Security_of_Mobile_Ad_Hoc_and_Wireless_Sensor_Networks PDF
- June -
- May -
- April -
- March -
- February -
- January -
2012
- January - Robert Zigweid: Security in the Cloud
2011
- June - Brian Chess: Gray, the new Black: Gray-Box Web Vulnerability Testing pptx
- May - Justin Collins: Automated Detection of Security Flaws in Ruby on Rails Code
- April - Bryan Sullivan: NoSQL Security
- March - Liam O Murchu: STUXNET
- February - Scott Sutherland: Database Security in the Real World
- January - Samy Kamkar: Evercookie: the Persistent Cookie
2010
- December - Brian Robison and Sven Schrecker: Deep Dive into Web Application Scanning
- November - Al Huizenga and Kyle Adams: Baking It In: Abuse-Resistant Web Applications
- October - Todd Calvert: Identity Management: federation and authorization
- October - Manoranjan (Mano) Paul: Sharks and Security
- September - Mike O. Villegas: Secure Coding Practices and Procedures, and Threat Modeling
- September - Edward Bonver: Threat Modeling at Symantec
- August - Dr. Jelena Mirkovic: DETER Project: Scientific, Safe and Simple CyberSecurity Research
- July - Samy Kamkar: How I Met Your Girlfriend: Entirely New Classes of Web Attacks
- June - Brendan Bellina: Shibboleth implementation at USC
- May - Neil Matatall: OWASP Top 10 and Enterprise Security API (ESAPI)
- April - Mike Bailey and Mike Murray: The intersection of social and technical attacks in Web 2.0 applications
- March - Michael Schrenk: BOOK PREVIEW: Webbots, Spiders, and Screen Scrapers SECOND EDITION
- February - Alex Stamos: Cloud Computing Security: Raining on the Trendy New Parade
- January - David M. N. Bryan: Do VLANs allow for good application security?
2009
- December - Michael Sutton: Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications PDF
- November - Brian Chess: Watching Software Run pptx
- October - Shankar Subramaniyan: Enabling Compliance Requirements using Information Security Management System (ISMS) Framework (ISO27001) PDF
- September - Marco Morana and Tony UcedaVelez: The Rise of Threat Analysis and the Fall of Compliance, Policies, and Standards in mitigating Web Application Security Risks
- August - Matt Tesauro: OWASP Live CD Demo and Q&A
- August - Pravir Chandra: The Software Assurance Maturity Model (SAMM)
- July - David Bryan: Lock picks, BumpKeys, and Hackers oh my! How secure is your application?
- June - Mikhael Felker: Information Warfare: Past, Present and Future
- May - Jeremiah Grossman: Top Ten Web Hacking Techniques of 2008
- April - David Campbell: XSS, Exploits and Defenses PDF
- March - NETWORK SECURITY DINNER WITH ISSA - CISO'S Security Dashboard Panel
- February - Alex Stamos: Cloud Computing and Security PDF
- January - Ben Walther: Building Security into the Test Organization
2008
- December - Samy Kamkar: The MySpace Worm ppt
- November - Stephan Chenette: A new web attack vector: Script Fragmentation
- October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances
- September - Ryan C. Barnett: The Web Hacking Incident Database (WHID) 2007 Report
- August - Jeff Williams: Don't Write Your Own Security Code