This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Los Angeles Presentation Archive"

From OWASP
Jump to: navigation, search
 
(43 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
This page contains slides from OWASP Los Angeles Chapter Meetings:
 
This page contains slides from OWASP Los Angeles Chapter Meetings:
  
 +
==2018==
 +
* December -
 +
* November -
 +
* October -
 +
* September - Brian Knopf: [https://www.owasp.org/images/6/67/OWASP_LA_Hunting_For_The_Next_IoT-Your_Vulns_Are_Not_A_Paradigm_Shift_Brian_Knopf_2018_09.pdf Hunting for the next IoT - Your Vulns are not a Paradigm Shift] 
 +
* August - Jim Manico: Why are we still talking about Cross Site Scripting in 2018? [https://www.owasp.org/images/c/ce/OWASP_LA_The_Last_XSS_Defense_Talk_Jim_Manico_2018_08.pdf The Last XSS Defense Talk]
 +
* July - Kevin Gosschalk: How Bots Decide What You Can Buy and How Much You'll Pay
 +
* June - Anant Kadiyala: Blockchain as Security Mechanism for Real World IoT
 +
* May - Pieter Danheiux: Improving Software Security in an Agile Environment
 +
* April - Jason Patterson: Cloud Security/Containers
 +
* March - Ira Winkler: Incorporating Security Practices into Business Processes 
 +
* February - Justin Regele: Better Git Hacking; Extracting “deleted” secrets from Git databases with Grawler
 +
* January - [https://2018.appseccalifornia.org Appsec California 2018]
 +
 +
==2017==
 +
* December - Joint Holiday Celebration with ISSA-LA & CSA LA: Infosec Trivia Night
 +
* November - Robert Lee: Detect and Contain: [//www.owasp.org/images/a/af/OWASP_LA_Robert_Lee_Combating_Account_Takeover_2017_11.pdf Combating Account Takeover]
 +
* October - Mahesh Babu: [https://www.owasp.org/images/5/5b/OWASP_LA_Struts%2C_OSS_and_You_Mahesh_Babu_2017_10.pdf Struts, OSS & You]
 +
* September -  Scott Stender: [https://www.owasp.org/images/0/0e/OWASP_LA_Securely_Deploying_TLS_1.3_Scott_Stender_2017_09.pdf Securely Deploying TLS 1.3]
 +
* August - Mike Milner: Law & Order: Observing and Protecting Web Applications ('''''Coming Soon''''')
 +
* July - David Caissy: [https://www.owasp.org/images/6/6a/OWASP_LA_New_OWASP_Top_10_David_Caissy_2017_07.pdf The New and Improved OWASP Top 10]
 +
* June - Panel Discussion: [[Media:OWASP LA Panel - Produce Secure Software 2017 06.pdf|What DOES it Take to Produce Secure Software]]
 +
* May - Shane MacDougall: [[:Media:OWASP LA Threat Intel Shane MacDougall 2017 05.pdf|Threat Intelligence on the Cheap]]; Stuart Schwartz: [[Media:OWASP LA Security News Stuart Schwartz 2017 05.pdf|Security in the News]]
 +
* April - Jack Mannino: Security In The Land of Microservices ('''''please contact speaker for a copy''''') 
 +
* March -  Jeff Williams: [[Media: Jeff.Williams 2017-03 OWASP Cali Chapters.pdf | Turning Security into Code with Dynamic Binary Instrumentation]]
 +
* February - Eli Mezei: [[:Media:OWASP LA Hacking Hospitals Eli Mezei 2017 02.pdf|Hacking Healthcare]]
 +
* January - [https://2017.appseccalifornia.org Appsec California 2017]
 +
 +
==2016==
 +
* December -
 +
* November -
 +
* October -
 +
* September -
 +
* August -
 +
* July -
 +
* June -
 +
* May -
 +
* April - 
 +
* March -
 +
* February -
 +
* January -
 +
 +
==2015==
 +
* December -
 +
* November -
 +
* October -
 +
* September -
 +
* August -
 +
* July -
 +
* June -
 +
* May -
 +
* April - 
 +
* March -  Jeff Williams: [[Media: Jeff.Williams_2015-03_OWASP_Cali_Chapters.pdf | Why Your AppSec Experts Are Killing You]]
 +
* February -
 +
* January -
 +
 +
==2014==
 +
* December -
 +
* November -
 +
* October - Virginia Mushkatblat: [[Media:OWASP_virginia.talk.pptx | Data Privacy Emerging Technologies]]
 +
* September -
 +
* August -
 +
* July -
 +
* June -
 +
* May -
 +
* April - Jeff Williams: [[Media:2014-04OWASPSoCalContinuous1.pptx| Stop Chasing Vulnerabilities – Getting Started with Continuous Application Security PPTX]]
 +
* March -
 +
* February -
 +
* January -
 +
 +
==2013==
 +
* December -
 +
* November -
 +
* October -
 +
* September -
 +
* August -
 +
* July - Edward Bonver: [[Media:Security of Mobile Ad Hoc and Wireless Sensor Networks.pdf| Security_of_Mobile_Ad_Hoc_and_Wireless_Sensor_Networks PDF]]
 +
* June -
 +
* May -
 +
* April -
 +
* March -
 +
* February -
 +
* January -
 +
 +
==2012==
 +
* January - Robert Zigweid:  Security in the Cloud
 +
 +
<p></p>
 
==2011==
 
==2011==
  
* December
+
* June - Brian Chess:  [[Media:Gray,_the_new_black.pptx‎|Gray, the new Black: Gray-Box Web Vulnerability Testing pptx]]
* November
+
* May - Justin Collins:  [[Media:Justin Collins-OWASPLA-Brakeman.pdf| Automated Detection of Security Flaws in Ruby on Rails Code]]
* October
+
* April - Bryan Sullivan: NoSQL Security
* September
+
* March -  Liam O Murchu: STUXNET
* August
+
* February - Scott Sutherland: Database Security in the Real World
* July
+
* January - Samy Kamkar: [http://samy.pl/evercookie/ Evercookie: the Persistent Cookie]
* June
 
* May
 
* April
 
* March
 
* February
 
* January
 
 
 
  
 
==2010==
 
==2010==
 
+
* December - Brian Robison and Sven Schrecker: Deep Dive into Web Application Scanning
* December
+
* November - Al Huizenga and Kyle Adams: Baking It In: Abuse-Resistant Web Applications
* November
+
* October - Todd Calvert: Identity Management: federation and authorization
* October
+
* October - Manoranjan (Mano) Paul: Sharks and Security
* September
+
* September - Mike O. Villegas: Secure Coding Practices and Procedures, and Threat Modeling
* August
+
* September - Edward Bonver: Threat Modeling at Symantec
* July
+
* August - Dr. Jelena Mirkovic: DETER Project: Scientific, Safe and Simple&nbsp;CyberSecurity Research
* June
+
* July - Samy Kamkar:  How I Met Your Girlfriend: Entirely New Classes of Web Attacks
* May
+
* June -  Brendan Bellina: Shibboleth implementation at USC
* April
+
* May - Neil Matatall: OWASP Top 10 and Enterprise Security API (ESAPI)
* March
+
* April - Mike Bailey and Mike Murray:  The intersection of social and technical attacks in Web 2.0 applications
* February
+
* March - Michael Schrenk: BOOK PREVIEW: Webbots, Spiders, and Screen Scrapers SECOND EDITION
* January
+
* February - Alex Stamos: Cloud Computing Security: Raining on the Trendy New Parade
 +
* January - David M. N. Bryan: Do VLANs allow for good application security?
  
  
 
==2009==
 
==2009==
*December - Michael Sutton: [[Media:Sutton_-_Pulling_The_Plug-Security_Risks_in_Next_Generation_Offline_Web_Apps_-_OWASP_LA_OC.pdf|Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications PDF]]
+
*December - Michael Sutton: [[Media:Sutton - Pulling The Plug-Security Risks in Next Generation Offline Web Apps - OWASP LA OC.pdf|Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications PDF]]
*November - Brian Chess: [[Media:Watching_software_run_11.18.09.pptx| Watching Software Run pptx]]
+
*November - Brian Chess: [[Media:Watching software run 11.18.09.pptx| Watching Software Run pptx]]
* October - Shankar Subramaniyan: [[Media:ISO27001_OWASPLA_Shankar_10212009.pdf|Enabling Compliance Requirements using Information Security Management System (ISMS) Framework (ISO27001) PDF]]
+
* October - Shankar Subramaniyan: [[Media:ISO27001 OWASPLA Shankar 10212009.pdf|Enabling Compliance Requirements using Information Security Management System (ISMS) Framework (ISO27001) PDF]]
 
* September - Marco Morana and Tony UcedaVelez: The Rise of Threat Analysis and the Fall of Compliance, Policies, and Standards in mitigating Web Application Security Risks
 
* September - Marco Morana and Tony UcedaVelez: The Rise of Threat Analysis and the Fall of Compliance, Policies, and Standards in mitigating Web Application Security Risks
 
* August - Matt Tesauro: OWASP Live CD Demo and Q&A
 
* August - Matt Tesauro: OWASP Live CD Demo and Q&A
Line 43: Line 125:
 
* June - Mikhael Felker: Information Warfare: Past, Present and Future
 
* June - Mikhael Felker: Information Warfare: Past, Present and Future
 
* May - Jeremiah Grossman: [http://video.google.com/videoplay?docid=2875886330538461390 Top Ten Web Hacking Techniques of 2008]
 
* May - Jeremiah Grossman: [http://video.google.com/videoplay?docid=2875886330538461390 Top Ten Web Hacking Techniques of 2008]
* April - David Campbell: [[Media:DC_ED_OWASP_XSS_MAY2008_v1.0.pdf| XSS, Exploits and Defenses PDF]]
+
* April - David Campbell: [[Media:DC ED OWASP XSS MAY2008 v1.0.pdf| XSS, Exploits and Defenses PDF]]
 
* March -  NETWORK SECURITY DINNER WITH ISSA - CISO'S Security Dashboard Panel
 
* March -  NETWORK SECURITY DINNER WITH ISSA - CISO'S Security Dashboard Panel
* February - Alex Stamos:  [[Media:Cloud_Computing_Security.pdf| Cloud Computing and Security PDF]]
+
* February - Alex Stamos:  [[Media:Cloud Computing Security.pdf| Cloud Computing and Security PDF]]
 
* January -  Ben Walther: Building Security into the Test Organization
 
* January -  Ben Walther: Building Security into the Test Organization
  
 
==2008==
 
==2008==
 
+
* December - Samy Kamkar: [[Media:OWASP-WASCAppSec2007SanJose SamyWorm.ppt| The MySpace Worm ppt]]
* December - Samy Kamkar: [[Media:OWASP-WASCAppSec2007SanJose_SamyWorm.ppt| The MySpace Worm ppt]]
 
 
* November - Stephan Chenette: A new web attack vector: Script Fragmentation
 
* November - Stephan Chenette: A new web attack vector: Script Fragmentation
 
* October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances
 
* October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances
 
* September -  Ryan C. Barnett:  The Web Hacking Incident Database (WHID) 2007 Report
 
* September -  Ryan C. Barnett:  The Web Hacking Incident Database (WHID) 2007 Report
 
* August -  Jeff Williams: Don't Write Your Own Security Code
 
* August -  Jeff Williams: Don't Write Your Own Security Code

Latest revision as of 04:31, 3 October 2018

This page contains slides from OWASP Los Angeles Chapter Meetings:

2018

  • December -
  • November -
  • October -
  • September - Brian Knopf: Hunting for the next IoT - Your Vulns are not a Paradigm Shift
  • August - Jim Manico: Why are we still talking about Cross Site Scripting in 2018? The Last XSS Defense Talk
  • July - Kevin Gosschalk: How Bots Decide What You Can Buy and How Much You'll Pay
  • June - Anant Kadiyala: Blockchain as Security Mechanism for Real World IoT
  • May - Pieter Danheiux: Improving Software Security in an Agile Environment
  • April - Jason Patterson: Cloud Security/Containers
  • March - Ira Winkler: Incorporating Security Practices into Business Processes
  • February - Justin Regele: Better Git Hacking; Extracting “deleted” secrets from Git databases with Grawler
  • January - Appsec California 2018

2017

2016

  • December -
  • November -
  • October -
  • September -
  • August -
  • July -
  • June -
  • May -
  • April -
  • March -
  • February -
  • January -

2015

2014

2013

2012

  • January - Robert Zigweid: Security in the Cloud

2011

2010

  • December - Brian Robison and Sven Schrecker: Deep Dive into Web Application Scanning
  • November - Al Huizenga and Kyle Adams: Baking It In: Abuse-Resistant Web Applications
  • October - Todd Calvert: Identity Management: federation and authorization
  • October - Manoranjan (Mano) Paul: Sharks and Security
  • September - Mike O. Villegas: Secure Coding Practices and Procedures, and Threat Modeling
  • September - Edward Bonver: Threat Modeling at Symantec
  • August - Dr. Jelena Mirkovic: DETER Project: Scientific, Safe and Simple CyberSecurity Research
  • July - Samy Kamkar: How I Met Your Girlfriend: Entirely New Classes of Web Attacks
  • June - Brendan Bellina: Shibboleth implementation at USC
  • May - Neil Matatall: OWASP Top 10 and Enterprise Security API (ESAPI)
  • April - Mike Bailey and Mike Murray: The intersection of social and technical attacks in Web 2.0 applications
  • March - Michael Schrenk: BOOK PREVIEW: Webbots, Spiders, and Screen Scrapers SECOND EDITION
  • February - Alex Stamos: Cloud Computing Security: Raining on the Trendy New Parade
  • January - David M. N. Bryan: Do VLANs allow for good application security?


2009

2008

  • December - Samy Kamkar: The MySpace Worm ppt
  • November - Stephan Chenette: A new web attack vector: Script Fragmentation
  • October - Jonathan Gershater: Entitlements Management: Security and policies for SOA using XML appliances
  • September - Ryan C. Barnett: The Web Hacking Incident Database (WHID) 2007 Report
  • August - Jeff Williams: Don't Write Your Own Security Code