This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Los Angeles"
(→Main Presentation) |
(→Main Presentation) |
||
| Line 17: | Line 17: | ||
== Main Presentation == | == Main Presentation == | ||
<br> | <br> | ||
| − | * <b>A new web attack vector: Script Fragmentation</b><br><br> | + | * <b>A new web attack vector: [http://www.eweek.com/c/a/Security/Security-Researcher-to-Reveal-New-Web-Attack-Vector/ Script Fragmentation]</b><br><br> |
This presentation will introduce a new web-based attack vector which | This presentation will introduce a new web-based attack vector which | ||
Revision as of 00:26, 18 November 2008
OWASP Los Angeles
Welcome to the Los Angeles chapter homepage. The chapter leader is Cassio Goldschmidt
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
<paypal>LosAngeles</paypal>
Local News
Upcoming Chapter Meeting
- Date: Wednesday November 19th 2008 6:30PM
Meeting Location Symantec Corporation 900 Corporate Pointe Culver City, CA 90230 Laguna Conference Room
Main Presentation
- A new web attack vector: Script Fragmentation
This presentation will introduce a new web-based attack vector which
utilizes client-side scripting to fragment malicious web content.
This involves distributing web exploits in a asynchronous manner to
evade signature detection. Similar to TCP fragmentation attacks, which
are still an issue in current IDS/IPS products, This attack vector
involves sending any web exploit in fragments and uses the already
existing components within the web browser to reassemble and execute
the exploit.
Our presentation will discuss this attack vector used to evade both
gateway and client side detection. We will show several proof of
concepts containing common readily available web exploits.
Stephan Chenette is a Senior Security Researcher who helps lead Websense Security
Labs working on malcode detection techniques. Mr. Chenette specializes
in research tools ranging from kernel-land sandboxes, to static
analysis scanners. He has released public analyses on various
vulnerabilities and malware. Prior to joining Websense, Stephan was a
security software engineer for 4 years working in research and product
development at eEye Digital Security.
Please sign up to our Los Angeles OWASP mailing list.
Everyone is welcome to join us at our chapter meetings. Meeting agenda will be sent to the Los Angeles OWASP mailing list prior to the meeting. List archives are also available for members who want to take a look at the latest discussion topics prior to the event.
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN ~ to submit educational topic for upcoming meeting please submit your BIO and talk abstract via email to Cassio Goldschmidt. When accepted it will be required to use the following powerpoint OWASP Template
This page provides a list of previous presentations conducted at the Los Angeles Chapter.
