This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Ottawa"
m (→Next Meeting: Wednesday, November 28th, 2007) |
|||
| Line 7: | Line 7: | ||
Please RSVP to [email protected]. Please include name, company and how many attendees. | Please RSVP to [email protected]. Please include name, company and how many attendees. | ||
| − | == Next Meeting: | + | == Next Meeting: Tuesday, July 15th, 2008 == |
'''Meeting Sponsor: | '''Meeting Sponsor: | ||
| − | [http://www.rigelksecurity.com Rigel Kent Security] [http://www. | + | [http://www.rigelksecurity.com Rigel Kent Security] [http://www.armorize.com]''' |
''' | ''' | ||
| Line 17: | Line 17: | ||
7:15-8:00 Open discussion and questions | 7:15-8:00 Open discussion and questions | ||
| − | '''Speaker: | + | '''Speaker: John Linehan - Armorize Technologies''' |
'''Topic : Make My Day - Just Run a Web Scanner:''' Countering the Faults of Typical Web Scanners Through Byte-Code Injection - Bytecode instrumentation allows a user to inject additional code into an application's binary. This technique has traditionally been used to measure the runtime performance and test coverage of Web applications. However, bytecode instrumentation has other promising uses, including software security. As the overall security space evolves from the outside-in approach we saw with Web Application Firewalls in the 1990s, bytecode instrumentation provides the perfect opportunity to embed security into the application itself. This talk will provide an overview of bytecode instrumentation, demonstrate how the technology works, and show some concrete ways it can be used to inject security features into an application after it has been developed | '''Topic : Make My Day - Just Run a Web Scanner:''' Countering the Faults of Typical Web Scanners Through Byte-Code Injection - Bytecode instrumentation allows a user to inject additional code into an application's binary. This technique has traditionally been used to measure the runtime performance and test coverage of Web applications. However, bytecode instrumentation has other promising uses, including software security. As the overall security space evolves from the outside-in approach we saw with Web Application Firewalls in the 1990s, bytecode instrumentation provides the perfect opportunity to embed security into the application itself. This talk will provide an overview of bytecode instrumentation, demonstrate how the technology works, and show some concrete ways it can be used to inject security features into an application after it has been developed | ||
| Line 23: | Line 23: | ||
'''Speaker Notes:''' [https://www.owasp.org/images/7/7d/Erik_-_Byte_Code_Injection_Security_Seminar.ppt Download Here] | '''Speaker Notes:''' [https://www.owasp.org/images/7/7d/Erik_-_Byte_Code_Injection_Security_Seminar.ppt Download Here] | ||
| + | |||
| + | [[November 28th, 2007 - Eric Klien - Make my day]] | ||
Revision as of 16:08, 17 June 2008
OWASP Ottawa
Welcome to the Ottawa chapter homepage. The chapter leaders are Mike Sues and Sherif Koussa
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Meetings Location
Elytra Enterprises: 2625 Queensview Drive, Suite 105. Map
RSVP
Please RSVP to [email protected]. Please include name, company and how many attendees.
Next Meeting: Tuesday, July 15th, 2008
Meeting Sponsor: Rigel Kent Security [1]
Meeting schedule:
6:00-6:30 Food and drinks
6:30-7:30 Main presentation
7:15-8:00 Open discussion and questions
Speaker: John Linehan - Armorize Technologies
Topic : Make My Day - Just Run a Web Scanner: Countering the Faults of Typical Web Scanners Through Byte-Code Injection - Bytecode instrumentation allows a user to inject additional code into an application's binary. This technique has traditionally been used to measure the runtime performance and test coverage of Web applications. However, bytecode instrumentation has other promising uses, including software security. As the overall security space evolves from the outside-in approach we saw with Web Application Firewalls in the 1990s, bytecode instrumentation provides the perfect opportunity to embed security into the application itself. This talk will provide an overview of bytecode instrumentation, demonstrate how the technology works, and show some concrete ways it can be used to inject security features into an application after it has been developed
Speaker Notes: Download Here
