This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Denver August 2009 meeting"
m (Created page with '== Wednesday 26 August 2009, 6pm @ TBD == === Topic: TBD === Presenters: TBD Title: TBD Synopsis: TBD === Agenda === * 6pm: Pizza & pop @ TBD, courtesy of Corporate Spons…') |
(→Wednesday 26 August 2009, 6pm @ TBD) |
||
| Line 1: | Line 1: | ||
| − | == | + | == Thursday 27 August 2009, 6pm @ [http://maps.google.com/maps?f=q&hl=en&q=7400%20S%20Tucson%20Way%2C%20Englewood%2C%20CO Raytheon Polar Services] == |
| − | === Topic: | + | === Topic: Security in the Clouds === |
| − | + | Synopsis: This talk provides a brief overview of cloud computing, and reveals the security risks of moving into the clouds. The concept behind cloud computing is simple: use a hosting provider’s IT resources to expand or shrink to meet your needs, and only for pay what you need when you need it. This architecture appeals to many IT managers as it reduces the initial startup costs, maintenance costs, and overhead required to run systems. Got slashdotted? Not a problem. Your cloud presence will seamlessly expand to push your business to the next level. However, as with all new technology, there are inherent risks. We will discuss the security risks with application code, architecture, the runtime environment, and the development environment. | |
| − | + | Presenter: '''Jon Rose''' | |
| + | Jon Rose is a researcher and pentester within Trustwave's SpiderLabs group. | ||
| + | Jon has close to a decade of experience performing network and | ||
| + | application security assessments, including network penetration testing, | ||
| + | blackbox application testing, and code reviews across a wide range of | ||
| + | programming languages and technologies. Jon has also led IT policy, | ||
| + | standards, and guideline projects, as well as providing IT security | ||
| + | remediation support for commercial and government clients. His security | ||
| + | expertise also includes creating enterprise security programs, providing | ||
| + | guidance in an enterprise security architect role, and building security | ||
| + | into organizations existing software development lifecycle. | ||
| + | |||
| + | Jon also authored the Flex enumeration tool [http://deblaze-tool.appspot.com/ deblaze] which he recently presented at Defcon 17. Also check out Jon's [http://codesearch0day.appspot.com/ presentation] on using Google CodeSearch to find vulnerabilities. | ||
| − | |||
=== Agenda === | === Agenda === | ||
| − | * 6pm: Pizza & pop @ | + | * 6pm: Pizza & pop @ [http://maps.google.com/maps?f=q&hl=en&q=7400%20S%20Tucson%20Way%2C%20Englewood%2C%20CO Raytheon Polar Services], courtesy of [http://www.fishnetsecurity.com/ FishNet Security] |
* 6:30pm: Introduction and Chapter business | * 6:30pm: Introduction and Chapter business | ||
* 6:45pm --> 8pm: Presentation | * 6:45pm --> 8pm: Presentation | ||
| Line 17: | Line 28: | ||
[https://www.owasp.org/index.php/Denver Back to OWASP Denver] | [https://www.owasp.org/index.php/Denver Back to OWASP Denver] | ||
| + | [[http://www.example.com link title]] | ||
Revision as of 18:07, 5 August 2009
Thursday 27 August 2009, 6pm @ Raytheon Polar Services
Topic: Security in the Clouds
Synopsis: This talk provides a brief overview of cloud computing, and reveals the security risks of moving into the clouds. The concept behind cloud computing is simple: use a hosting provider’s IT resources to expand or shrink to meet your needs, and only for pay what you need when you need it. This architecture appeals to many IT managers as it reduces the initial startup costs, maintenance costs, and overhead required to run systems. Got slashdotted? Not a problem. Your cloud presence will seamlessly expand to push your business to the next level. However, as with all new technology, there are inherent risks. We will discuss the security risks with application code, architecture, the runtime environment, and the development environment.
Presenter: Jon Rose
Jon Rose is a researcher and pentester within Trustwave's SpiderLabs group. Jon has close to a decade of experience performing network and application security assessments, including network penetration testing, blackbox application testing, and code reviews across a wide range of programming languages and technologies. Jon has also led IT policy, standards, and guideline projects, as well as providing IT security remediation support for commercial and government clients. His security expertise also includes creating enterprise security programs, providing guidance in an enterprise security architect role, and building security into organizations existing software development lifecycle.
Jon also authored the Flex enumeration tool deblaze which he recently presented at Defcon 17. Also check out Jon's presentation on using Google CodeSearch to find vulnerabilities.
Agenda
- 6pm: Pizza & pop @ Raytheon Polar Services, courtesy of FishNet Security
- 6:30pm: Introduction and Chapter business
- 6:45pm --> 8pm: Presentation
