This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Dallas"

From OWASP
Jump to: navigation, search
 
(129 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Dallas|extra=The chapter leaders are
 
{{Chapter Template|chaptername=Dallas|extra=The chapter leaders are
 
Chapter Lead-[mailto:[email protected] Gene McCormick]
 
 
Hospitality/Facilities Lead-[mailto:[email protected] Rik Jones]
 
 
Membership Lead- [mailto:[email protected] Norm Smith]
 
  
Programs Lead- [mailto:mparsons@parsonsisconsulting. Matt Parsons]
+
Chapter Lead- [mailto:dsheridan@cigital.com Denis Sheridan]
  
Web/Technology Lead- [mailto:mynoralva@gmail.com Mynor Alvarado]  
+
Board Member- [mailto:jeromme.lawler@guggenheimpartners.com Jeromme Lawler]
  
Board Member- [mailto:[email protected] Andrea Wendeln]
 
 
Board Member- [mailto:[email protected] Don McMillian]
 
 
Board Member- [mailto:[email protected] Tim Shelton]
 
<br>
 
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dallas|emailarchives=http://lists.owasp.org/pipermail/owasp-dallas}}  
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dallas|emailarchives=http://lists.owasp.org/pipermail/owasp-dallas}}  
  
 
== Get Connected and Stay Connected  ==
 
== Get Connected and Stay Connected  ==
 
The Dallas OWASP chapter is proud to announce several new ways to keep in touch with the leadership and other members of the chapter and greater organization.
 
  
 
In addition to our [http://bit.ly/fWT3pN Mailing List] we also have a [http://bit.ly/eHEW6O Dallas OWASP Twitter Feed] a [http://on.fb.me/fHr5XY Dallas OWASP Facebook Page] and a [http://linkd.in/g3WxGG Dallas OWASP Linkedin Group]. We invite you to join or follow whichever groups suit you, get involved with your fellow Dallas OWASP Chapter members, and we'll keep them all up to date with the latest official news and announcements from the chapter leadership.  
 
In addition to our [http://bit.ly/fWT3pN Mailing List] we also have a [http://bit.ly/eHEW6O Dallas OWASP Twitter Feed] a [http://on.fb.me/fHr5XY Dallas OWASP Facebook Page] and a [http://linkd.in/g3WxGG Dallas OWASP Linkedin Group]. We invite you to join or follow whichever groups suit you, get involved with your fellow Dallas OWASP Chapter members, and we'll keep them all up to date with the latest official news and announcements from the chapter leadership.  
Line 33: Line 19:
 
| [[Image:Join-us-on-Facebook.jpg|175px|link=http://on.fb.me/fHr5XY]]  
 
| [[Image:Join-us-on-Facebook.jpg|175px|link=http://on.fb.me/fHr5XY]]  
 
| [[Image:Linkedin-button.gif|135px|link=http://linkd.in/g3WxGG]]
 
| [[Image:Linkedin-button.gif|135px|link=http://linkd.in/g3WxGG]]
 +
| [[Image:meetup-button.png|108px|link=https://www.meetup.com/Dallas-The-Open-Web-Application-Security-Project-Meetup/]]
 
|}
 
|}
 +
 +
=== Announcements  ===
 +
 +
== November Meeting ==
 +
 +
 +
 +
'''When:''' Wednesday, November 6, 2019 - 6:30 PM
 +
 +
 +
'''Topic: ''' CMD+CTRL Web Application Cyber Range
 +
 +
 +
Want to test your skills in identifying web app vulnerabilities? Join the Dallas OWASP Chapter and Security Innovation as members compete in CMD+CTRL, a web application cyber range where players exploit their way through hundreds of vulnerabilities that lurk in business applications today. Success means learning quickly that attack and defense is all about thinking on your feet.
 +
 +
 +
For each vulnerability you uncover, you are awarded points. Climb the interactive leaderboard for a chance to win fantastic prizes! CMD+CTRL is ideal for development teams to train and develop skills, but anyone involved in keeping your organization’s data secure can play - from developers and managers and even CISOs.
 +
 +
 +
Prizes will be awarded for first, second, and third place finishes.
 +
 +
 +
'''Who:''' Chad Holmes is a Product Marketing Manager for Security Innovation with a focus on educating customers on emerging Cyber Range technologies and how they can improve security education within organizations. Prior to joining Security Innovation Chad was a Penetration Tester, Product Manager, Security Program Manager and team lead at Cigital, Veracode and Red Hat.
  
  
 +
'''Where:''' Toyota Motor North America, Inc. 6565 Headquarters Drive - Plano
  
==== Announcements  ====
+
Guests may park in the visitors parking area on Headquarters Dr. right outside main lobby in front of W1 and E1 buildings. Enter the main lobby to sign in. Meeting will be in the Corolla W1-0C-18 / Camry W1-0C-30 conference rooms.
  
== March Meeting ==
 
  
'''When:''' March 7, 2012, 11:30am - 1:00pm
+
IMPORTANT Meeting Notes:
  
'''Topic: ''' AAA for Hybrid Cloud Environment
+
This office is a gun-free zone. Please do not attempt to bring in any guns, holsters, ammo, etc. into their office space.
  
During this session, presented by Symplified, we will explore four areas of interest.
+
The meeting food & drinks will be sponsored by TBD.
  
Web, SaaS, Mobile Application Adoption
 
  
Protecting sensitive data
+
=== Previous Meetings  ===
  
WAM for the Public Cloud
+
== October Meeting ==
  
Identity Sprawl
+
'''When:''' Tuesday, October 22, 2019 - 6:00 PM
  
We will take an in depth look at what is driving enterprises to consider and migrate to Web, SaaS and Mobile applications. We then investigate Web Access Management where it started and why we need a new approach to meet the new needs. But we still need to consider the traditional tenants of Authentication, Authorization and Audit. These are still vitally important - even more so. Finally we will explore how identities are increasingly growing with this new paradigm and how we can control those identities.
+
'''Topic: ''' The Pulse of AppSec: 2019 Trends and Insights
  
'''Who:''' Cullen Landrum, CISSP
+
'''Who:''' Phil Guraedy is a Technical Consultant with Micro Focus.
  
With 10+ years of experience in Identity and Access Management, Cullen Landrum is a Senior Systems Engineer at Symplified. Cullen specializes in the areas of Federation and Access Management for Service Providers and Partners. Prior to joining Symplified, Cullen worked most recently for Oracle as a Principal Sales Consultant supporting Federal, State and Local and other government entities. Cullen worked for Sun Microsystems prior to Oracle as a Senior Systems Engineer supporting telecommunications and Federal government organizations. But it all started with a little consulting company based in Plano TX – EDS – where Cullen spent 10+ years as a developer on everything from mainframes to Tandem to Java. Cullen holds a Bachelor of Arts in Computer Science and Mathematics from the University of Colorado, Boulder and is a member of Kappa Mu Epsilon (Mathematics Honor Society).
+
'''Where:''' Epsilon - 6021 Connection Drive - Irving, TX
  
'''Where:'''  
+
== September Meeting ==
North Lake College (Central Campus)
+
 +
'''When:''' Tuesday, September 17, 2019 - 6:00 PM
  
5001 N. MacArthur Blvd.
+
'''Topic: ''' Bug Hunting - An adventure in free time
  
Irving, TX 75038
+
'''Who:'''  Rich Mirch has been in IT for over 21 years; Rich is currently a member of the Red Team at State Farm.
  
Phone: 972-273-3000
+
'''Where:''' State Farm Insurance - 3661 N. Plano Rd. Suite 1000 - Richardson, TX - [[Media:Citylink_map.pdf|Map]]
  
Building: A
+
== July Meeting ==
 +
 +
'''When:''' Tuesday, July 23, 2019 - 6:00 PM
  
Room: 206
+
'''Topic: ''' Cloud, the Hard Way
  
 +
'''Who:''' Will Bengtson is the Director of Cloud Security, Distinguished Engineer at Capital One.
  
Map: http://www.northlakecollege.edu/pages/central-campus-directions.aspx
+
'''Where:''' Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX
  
'''Cost:''' Always Free
+
[[Media:Cloud_-_The_Hard_Way.pdf]]
  
'''Lunch:''' Bring your own lunch or purchase lunch at cafeteria.
+
== June Meeting ==
 +
 +
'''When:''' Tuesday, June 25, 2019 - 6:00 PM
  
[http://www.eventbrite.com/event/2977940099 RSVP]
+
'''Topic: ''' Anti-Phish Codes -- Addressing credential compromise that lead to Data breaches and Fraud
  
 +
'''Who:''' Dr. Chiruvolu brings in more than two decades of expertise, insights on technology and cyber security in several market verticals such as Finance, Healthcare, Enterprise and Govt./Education.
  
== February Meeting ==
+
'''Where:''' Capital Factory + The DEC - 3102 Oak Lawn Ave - Dallas, TX
 +
 
 +
[[Media:UberPasscodes-AntiPhishing2FA-PresArchive.pdf]]
 +
 
 +
== May Meeting ==
 +
 +
'''When:''' Thursday, May 23, 2019 - 6:00 PM
 +
 
 +
'''Topic: ''' Microservices: What Am I Securing Again?
 +
 
 +
'''Who:'''
 +
Travis Biehn is a Principal Consultant at Synopsys and consulting research lead for the Synopsys Cybersecurity Research Center.
 +
David Bohannon is a Senior Security Consultant at Synopsys.
 +
 
 +
'''Where:''' The Garage at Capital One - 8000 Dominion Pkwy - Plano, TX - Building with TC out front
 +
[[Media:Microservices_OWASP_Preso_Sanitized.pptx]]
 +
 
 +
== March Meeting ==
  
'''When:''' February 1, 2012, 11:30am - 1:00pm
+
'''When:''' Thursday, May 23, 2019 - 6:00 PM
  
'''Topic: ''' Web Application Vulnerability Testing with Nessus
+
'''Topic: ''' Tineola: Taking a Bite Out of Enterprise Blockchain
  
This presentation will demonstrate how to configure and run Tenable Nessus to conduct basic and advanced Web application vulnerability testing including how to review and report the results. It will also include a brief introduction to Nessus so to give a basic understating of how to navigate and use the tool. Come join us on the hunt for Cross Site Scripting, SQL injection and other items in the OWASP Top 10 as well as known vulnerabilities in common Web applications and Web hosting platforms. (No real Web application will be harmed during this presentation.)
+
'''Who:''' Stark Riedesel is a senior consultant at Synopsys with six years of security industry experience.
  
'''Who:''' Rik A. Jones is a Senior Information Security Analyst for the Dallas County Community College District (DCCCD)
+
== February Meeting ==
  
'''Where:'''  
+
'''When:''' Tuesday, February 19, 2019 - 6:00 PM
SMU
 
Caruth Hall
 
Palmer Conference Center / 406 Caruth Hall
 
3145 Dyer Street
 
Dallas, Texas 75205
 
  
The room info is as follow:
+
'''Topic: ''' Threat-modeling legacy Cloud Applications
Palmer Conference Center, 406 Caruth Hall.
 
Here's the link to SMU's Map: (http://smu.edu/maps/campus.asp)
 
Caruth Hall is building 44 on the attached campus map link.
 
  
'''Cost:''' Always Free
+
'''Who:''' Kevin Nassery is a Senior Principal Consultant at Synopsys where he leads the Software Security Initiatives (SSI) practice
  
'''Lunch:''' Bring your own lunch or purchase lunch at cafeteria.
+
'''Where:''' Epsilon - 6021 Connection Drive - Irving, TX
  
[http://www.eventbrite.com/event/2842131893 RSVP]
+
[[Media:Owasp-dallas.pptx]]
  
 
== January Meeting ==
 
== January Meeting ==
  
'''When:''' January 11, 2012, 11:30am - 1:00pm
+
'''When:''' Tuesday, January 15, 2019 - 6:00 PM
  
'''Topic: ''' OWASP TOP 10
+
'''Topic: ''' Container and Container-Aware Security
  
Power point demonstration of OWASP Top Ten Web Application Security Vulnerabilities with actual hacking examples.  This presentation will cover such vulnerabilities as SQL injection, XSS and CSRF.  Discussion, hands on exercise and question and answer session.
+
'''Who:'''
  
'''Who:''' Matt Parsons, VP Parsons Software Security Consulting
+
Travis Stanfield, Senior Director of Software Engineering at Capital One
  
'''Where:'''
+
Liam Randall, President and Co-Founder of Critical Stack
North Lake College (Central Campus)
 
5001 N. MacArthur Blvd.
 
Irving, TX 75038
 
Phone: 972-273-3000
 
Building: G
 
Room: 405
 
  
[http://www.northlakecollege.edu/pages/central-campus-directions.aspx Map]
+
'''Where:''' Capital One - 8000 Dominion Pkwy - Plano, TX
  
'''Cost:''' Always Free
+
[[Media:OWASP_dallas_Jan_2019.zip]]
  
'''Lunch:''' Bring your own lunch or purchase lunch at cafeteria.
+
== November Meeting ==
 +
 +
'''When:''' Tuesday, November 13, 2018 - 6:00 PM
  
'''[http://www.eventbrite.com/event/2842131893 RSVP]'''  
+
'''Topic: ''' Securing Containers on the High Seas
  
==== Presentation Archives  ====
+
'''Who:''' Jack Mannino is the CEO of nVisium.
  
This is a new program, we will start collecting our speakers' presentation materials and make them available for viewing and download here.
+
'''Where:''' Capital One - 8000 Dominion Pkwy - Plano, TX
  
==February 1, 2012==
+
== September Meeting ==
 +
 +
'''When:''' Tuesday, September 18, 2018 - 6:00 PM
  
'''Title''':  Web Application Vulnerability Testing with Nessus
+
'''Topic: ''' Security Shift Left! Enable, Protect, and Execute.
  
'''Speaker''': Rik A. Jones, Senior Information Security Analyst for the Dallas County Community College District (DCCCD)
+
'''Who:''' Teddi Poehls, currently working as a Senior Sales Engineer for Signal Sciences
  
'''Slides''':
+
'''Where:''' Epsilon - 6021 Connection Drive, Irving, TX
[[Media:Web Application Vul Testing with Nessus 2012.02.01.pdf‎]]<br>
 
[[Media:OWASP Broken Web Applications 2012.02.01.pdf‎]]
 
  
 +
== August Meeting ==
  
==January 11, 2012==
+
'''When:''' Tuesday, August 21, 2018 - 6:00 PM
  
'''Title''': OWASP TOP 10
+
'''Topic: ''' Tangled Web
  
'''Speaker''': Matt Parsons, VP Parsons Software Security Consulting
+
'''Who:''' Herb has worked for State Farm for over 26 years. He is currently a member of the Security Analytics/Threat hunting team.
  
'''Slides''': [[Media:OWASPtopTen.pdf‎]]
+
'''Where:''' State Farm Insurance - 3661 N. Plano Rd. Suite 1000, Richardson, TX
  
 +
== July Meeting ==
 +
 +
'''When:''' Tuesday, July 17, 2018 - 6:00 PM
  
==May 4, 2011==
+
'''Topic: ''' Interactive Capture the Flag (CTF) Introduction
  
'''Title''': Using the Mobile Top 10 as a Guide for Mobile Application Security
+
'''Who:''' Gabriel Lawrence is the General Manager of Cyber-Protection at Toyota
  
'''Speaker''': Clint Pollock, VERACODE
+
'''Where:''' Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX
  
'''Slides''': [[Media:MobileTopTen.pdf‎]]
+
== June Meeting ==
  
==March 2, 2011==
+
'''When:''' Tuesday, June 19, 2018 - 6:00 PM
  
'''Title''': OWASP WTE: Application Pen Testing '''your''' way.
+
'''Topic: ''' Cloud Jacking
  
'''Speaker''': Matt Tesauro, [http://bit.ly/fQGqIk OWASP] Board Member, Project Lead for the [http://bit.ly/hIbx9c OWASP WTE Live CD project], and VP of Services at [http://bit.ly/fNj64E Praetorian]
+
'''Who:''' Bryan McAninch is a cybersecurity professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture.
  
'''Slides''': [[Media:OWASP-Dallas-Chapter-Mar-2011-1.pdf]]
+
'''Where:''' Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX
  
==== Past Meetings Archive  ====
+
== April Meeting ==
  
== May 4, 2011  ==
+
'''When:''' Tuesday, April 17, 2018 - 6:00 PM
  
=== Sponsors: ===
+
'''Topic: ''' Viewing the Nodes in the Noise: Leveraging Data Science to Discover Persistent Threats
  
[[Image:Screen_shot_2011-02-24_at_10.47.51_AM.png|link=http://www.smu.edu]]
+
'''Who:''' David Evenden is an experienced offensive security operator/analyst with over 10 years of active work experience inside the Intelligence Community (IC).  
  
===**RECENT&nbsp;UPDATES**===
+
'''Where:''' Allstate - 8711 N. Freeport Parkway - Irving, TX
  
* We're still looking for a sponsor for the May 4th meeting, if your company is interested in sponsoring this or future meetings, please email [mailto:[email protected] [email protected]] - 4/20/2011
+
== March Meeting ==
  
'''Make sure to sign up for any of the social media network links above to get future announcements.'''
+
'''When:''' Tuesday, March 20, 2018 - 6:00 PM
<br>
 
  
'''Title''': Using the Mobile Top 10 as a Guide for Mobile Application Security
+
'''Topic: ''' DevSecOps Unplugged
  
'''Speaker''': Clint Pollock, VERACODE
+
'''Who:''' Vishal Asthana, CISSP has been with Security Compass for over 4 years
  
'''Date''': May 4, 2011
+
'''Where:''' Akamai - 15950 Dallas Parkway - Dallas, TX
  
'''Time''': 11:30AM - 1:00 PM
+
== February Meeting ==
  
'''Location''': <br>Southern Methodist University <br>Dallas TX 75205
+
'''When:''' Tuesday, February 20, 2018 - 6:00 PM
  
'''Room details:'''<br>
+
'''Topic: ''' Bugs in the Blockchain and “Contractual” Vulnerability
'''Building:'''  Hughes-Trigg Student Center
 
'''Room:'''  The Forum (on the first floor)
 
  
'''Directions:'''
+
'''Who:''' Stark Riedesel is a software security consultant working for Synopsys here in the Dallas area.  
For campus direction please visit [http://smu.edu/maps/directions.asp http://smu.edu/maps/directions.asp]
 
  
'''Parking:'''  
+
'''Where:''' Alliance Data Systems - 7500 Dallas Parkway 7th Floor, Plano, TX
For parking, guests have few options, they can use '''Moody Parking Garage for $5''', the machine takes cash or plastic. Otherwise, they can look for free parking spots on '''University Boulevard''' or '''Mcfarlin Boulevard'''.
 
  
'''Campus Map:'''
+
'''Materials''': [[Media:Bugs_in_the_Blockchain.pptx]]
An interactive campus map can be found at [http://smu.edu/maps/flash/ http://smu.edu/maps/flash/]
 
Printable map: 
 
  
'''Cost:''' Always Free
+
== January Meeting ==
 +
 +
'''When:''' Tuesday, January 16, 2018 - 6:00 PM
  
'''RSVP:''' '''[http://owaspdallasmtg.eventbrite.com/ Click here to RSVP for May 4th, 2011 (FREE)]''' or Email [mailto:[email protected] Ryan.Smith@OWASP.org]
+
'''Topic: ''' OWASP Top 10 2017
This will help expedite the check-in process. Thanks.
 
  
'''Abstract:'''
+
'''Who:''' Andrew van der Stock is a Senior Principal Consultant with Synopsys.
  
The Top 10 Mobile Application Risks, or “Mobile App Top 10” for short, is a list of the most prevalent risks to look for in the mobile applications you are developing and consuming.
+
'''Where:''' Toyota Motor North America, Inc. - 6565 Headquarters Drive · Plano
 
Many of the risks in mobile devices are similar to those of traditional spyware, Trojan software, and insecurely designed apps. However, mobile devices are not just small computers. Mobile devices are designed around personal and communication functionality which makes the top mobile applications risks different from the top traditional computing risks.
 
 
The Mobile App Top 10 can be used to determine the coverage of a security solution which can protect against these risks. A mobile app security solution can declare its coverage of the Mobile App Top 10 so customers can understand what risks the solution mitigates. Mobile app security solutions can be used in the development of an app, as part of an app store vetting process, for acceptance testing of an app, or for security software running on a mobile device.
 
 
'''Speaker Bio:'''
 
  
Clint Pollock is a Senior Solutions Architect at Veracode. Since 1997, he has also created security solutions for large-scale enterprise environments on behalf of CREDANT Technologies and Netegrity. In his current role, Clint helps globally distributed organizations evaluate, track, and mitigate their application security risk.  Clint’s greatest strengths are his enthusiasm, experience and determination to help customers succeed in maintaining secure, compliant systems, and avoid the consequences and bad headlines that come with application security breaches.  Clint resides in Chicago, IL.
+
== October Meeting ==
 +
'''When:''' Tuesday, October 10, 2017 - 6:00 PM
  
== April 6, 2011  ==
+
'''Topic: ''' Application Security in the DevOps World
  
=== Sponsors: ===
+
'''Who:''' Apoorva Phadke is a Senior Security Consultant at Synopsys.
  
[[Image:FortifyHP.png‎|link=http://www.fortify.com]]
+
'''Where:''' Akamai - 15950 Dallas Parkway, Dallas, TX
  
We would like to thank Fortify for sponsoring the lunch for this meeting.
+
== September Meeting ==
 +
'''When:''' Wednesday, September 13, 2017 - 6:00 PM
  
[[Image:Screen_shot_2011-02-24_at_10.47.51_AM.png|link=http://www.smu.edu]]
+
'''Topic: ''' Automate All The Things
  
We would like to thank SMU for agreeing to host us until May, 2011
+
'''Who:''' Matt Konda, CEO of Jemurai. Jemurai is a consulting firm specializing in application security.
  
<br>
+
'''Where:''' Epsilon - 6021 Connection Drive, Irving, TX
==Meeting Details:==
 
  
'''Title''': Breaking the Paradigm of AppSec as a Disruptive Cost Center
+
== August Meeting ==
 +
'''When:''' Wednesday, August 15, 2017 - 6:00 PM
  
'''Speaker''': Peter Perfetti, Impact Security
+
'''Topic: ''' Making Vulnerability Management Less Painful with OWASP DefectDojo
  
'''Date''': April 6, 2011
+
'''Who:''' Greg Anderson is a security professional and creator of DefectDojo
  
'''Time''': 11:30AM - 1:00 PM
+
'''Where:''' Intuit
  
'''Location''': <br>Southern Methodist University <br>6425 Boaz Lane<br>Dallas TX 75205
+
'''Materials:''' https://docs.google.com/presentation/d/1DnV-e6TWoH0YexZJpPQeRTD0eeHwWpmsSu-MRjMczwQ/edit?usp=sharing 
  
'''Room details:'''<br>
+
== July Meeting ==
'''Building:''' Hughes-Trigg Student Center
+
'''When:''' Wednesday, July 19, 2017 - 6:00 PM
'''Room:'''  Atrium A&B
 
  
'''Directions:'''
+
'''Topic: ''' IoT Security Landscape: Survey & Analysis
For campus direction please visit [http://smu.edu/maps/directions.asp http://smu.edu/maps/directions.asp]
 
  
'''Parking:'''  
+
'''Who:''' Mark Szewczul, CISSP, is an IoT Security Architect at Zimperium
For parking, guests have few options, they can use '''Moody Parking Garage for $5''', the machine takes cash or plastic. Otherwise, they can look for free parking spots on '''University Boulevard''' or '''Mcfarlin Boulevard'''.
 
  
'''Campus Map:'''
+
'''Where:''' Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX
An interactive campus map can be found at [http://smu.edu/maps/flash/ http://smu.edu/maps/flash/]
 
Printable map: 
 
  
'''Cost:''' Always Free
+
== June Meeting ==
 +
'''When:''' Tuesday, June 20, 2017 - 6:00 PM
  
'''RSVP:''' '''[http://owaspdallasmtg.eventbrite.com/ Click here to RSVP for April 6th (FREE)]''' or Email [mailto:[email protected] [email protected]]
+
'''Topic: ''' From Hot Rodding to Hacking, Securing the Modern Automobile
This will help expedite the check-in process. Thanks.
 
  
'''Abstract''':
+
'''Who:''' Art Dahnert is a Managing Consultant who has over 19 years of experience in the software industry with over 8 years Application Security experience. 
  
This presentation outlines the primary risk concerns for application security, audit, and compliance then expands on those topics to create a "Checklist for Application Security, Systems, Internetworking, and Engineering". The presentation begins with understanding the types of risks involved, the current pitfalls (and in some cases pratfalls) companies struggle to endure, and what we can do to fix them. The presenter outlines the basic foundation on how to build a program for success, debunking the myth that you can’t have operational stability, security, and compliance while reducing operating costs, and how using this approach helps to achieve this goal.
+
'''Where:''' Toyota - 5360 Legacy Drive, Building 1, 2nd Floor, Plano, TX
  
Applications are currently a major attack vector as well as being difficult to keep stable, secure, and compliant. But securing only the applications, or just the infrastructure can lead to compromise; and audit, compliance, and legal problems. By applying the author's philosophy and  checklists to your organization, staff from support, engineering, application development, up to CISOs can more effectively work together to improve security and meet Executive Management’s tolerance for business risk while achieving business objectives. This presentation highlights the issues, demonstrates how the entire enterprise works together, and finally outlines a basic checklist and a methodology for CISOs, Developers, Administrators, and Engineers alike to ensure business and technology risk management work in concert with all technology areas, including audit and compliance.The method draws its strengths from proven frameworks such as OWASP, SAMM, Visible Ops, FFIEC, CoBIT, and ITIL.
+
'''Materials''': [[media:Hot_Rodding_and_Hacking_v3.pdf]]
  
'''Speaker Bio''':  
+
== May Meeting ==
 +
'''When:''' Tuesday, May 16, 2017 - 6:00 PM
  
Mr. Perfetti has been working in information security for fifteen years. He has been involved in IT Security for the financial services industry for ten years where he has worked as an Information Security Officer as well as having been responsible for vulnerability and threat management, and security engineering. Mr. Perfetti worked for Viacom and MTV as the Manager of Systems Administration and was the Director of IT Risk Management for the National Basketball Association. He has a broad range of experience in both operations and security. Mr. Perfetti provided governance and guidance over risk and compliance issues for the Americas region of ABN AMRO as the Local Information Security Officer for New York. His responsibilities were primarily to manage the risk for infrastructure related technology and operations. Other duties included audit, business continuity, investigations, and security operations oversight. Most recently, he was head of IT Security & Governance at Tygris Commercial Finance. He was formerly the VP of the NY/NJ Metro Chapter of OWASP and is currently a board member of the local chapter. He has served on the IT Security Advisory Board for the Technology Manager’s Forum. Mr. Perfetti’s accomplishments have been discussed in two books on achieving high performing, stable, and secure infrastructure. Currently Mr. Perfetti operates IMPACT Security LLC, a private security contractor firm, that specializes in Vulnerability & Risk Assessment; developing, enhancing, and implementing Security and Risk Management programs; and  Incident & Audit Response, Prevention, and Recovery.
+
'''Topic: ''' OWASP Dallas Social
  
== March 2, 2011  ==
+
'''Who:''' OWASP Dallas
  
===**RECENT&nbsp;UPDATES**===
+
'''Where:''' Dots Hop House & Cocktail Courtyard - 2645 Commerce Street , Dallas, TX (map)
  
* **UPDATE** - Matt Tesauro will be bringing a professionally bound copy of the OWASP 2010 Top 10, signed by the authors Jeff Williams (http://www.owasp.org/index.php/User:Jeff_Williams) and Dave Wichers (http://www.owasp.org/index.php/User:Wichers) that he picked up at the Summit.  We'll raffle this at the end of the meeting for all who've registered*. * must be present to win
+
== April Meeting ==
* We have posted the room and building information below, as well as information about parking and maps of the SMU Campus (2/9/11)
+
'''When:''' Monday, April 17, 2017 - 6:00 PM
* We have added an official EventBright RSVP page.  '''[http://www.eventbrite.com/event/1287249197 Please Click here to RSVP for March 2nd (FREE)]''' (2/8/11)
 
* We have confirmed that Southern Methodist University will host our upcoming meeting on March 2nd. (2/7/11)
 
  
'''Make sure to sign up for any of the social media network links above to get future announcements.'''
+
'''Topic: ''' AWS Security: Staying on Top of the Cloud
<br>
 
  
 +
'''Who:''' Kurtis Miller is a Principal Security Consultant for NCC Group, North America.
  
=== Sponsors: ===
+
'''Where:''' Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX
[[Image:Veracode_logo_2color_OWASP.jpg|link=http://veracode.com]]
 
  
[[Image:Screen_shot_2011-02-24_at_10.47.51_AM.png|link=http://www.smu.edu]]
+
'''Materials''': [[media:AWS_Security_-_Staying_on_Top_of_the_Cloud.pdf]]  
  
We would like to thanks Veracode for providing a light deli lunch for this meeting, and of course SMU for hosting it. 
+
== March Meeting ==
 +
'''When:''' Tuesday, March 21, 2017 - 6:00 PM
  
===Meeting Details:===
+
'''Topic: ''' Secrets Revealed: How Your Competitors are Scaling Application Security
  
'''Title''': OWASP WTE: Application Pen Testing '''your''' way.  
+
'''Who:''' Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades.  
  
'''Speaker''': Matt Tesauro, [http://bit.ly/fQGqIk OWASP] Board Member, Project Lead for the [http://bit.ly/hIbx9c OWASP WTE Live CD project], and VP of Services at [http://bit.ly/fNj64E Praetorian]
+
'''Where:''' Intuit, Inc. - 5601 Headquarters Dr, Plano, TX
  
'''Date''': March 2, 2011
+
'''Materials''': [[media:2017.03_OWASP_Dallas_Presentation_v5.pdf ]] [https://www.securitycompass.com/managingapplicationsecurity2017/ (More Info)]
  
'''Time''': 11:30AM - 1:00 PM  
+
== February Meeting ==
 +
'''When:''' Tuesday, February 21, 2017 - 6:00 PM
  
'''Location''': '''**Recently Updated**'''<br>Southern Methodist University <br>6425 Boaz Lane<br>Dallas TX 75205
+
'''Topic: ''' Secure Architecture In The Land of Microservices
  
We will meet at: '''Huitt Zollars room''' located at the '''Embrey building''' at '''SMU Main Campus (Dallas)'''.
+
'''Who:''' Jack is the CEO at nVisium and focuses on building solutions to make security and education scale in fast-paced software development organizations.  
  
'''Directions:'''
+
'''Where:''' 8000 Dominion Pkwy, Plano, TX - Capital One
For campus direction please visit [http://smu.edu/maps/directions.asp http://smu.edu/maps/directions.asp]
 
  
'''Parking:'''
+
'''Materials''': [[Media:Microservice_Security.pdf]]
For parking, guests have few options, they can use '''Moody Parking Garage for $5''', the machine takes cash or plastic. Otherwise, they can look for free parking spots on '''University Boulevard''' or '''Mcfarlin Boulevard'''.
 
  
'''Campus Map:'''
+
== January Meeting ==
An interactive campus map can be found at [http://smu.edu/maps/flash/ http://smu.edu/maps/flash/]
+
'''When:''' January 17 - 6:00 PM
Printable map:
 
  
'''Cost:''' Always Free
+
'''Topic: ''' Helping Developers Embrace Security with OWASP Tools
  
'''RSVP:''' Email [mailto:[email protected] [email protected]] or '''[http://www.eventbrite.com/event/1287249197 Click here to RSVP for March 2nd (FREE)]''' 
+
'''Who:''' Joseph Konieczka is a Lead Technology Solutions Specialist on the Remedy on Demand infrastructure team at BMC Software.  
This will help expedite the check-in process. Thanks.  
 
  
'''Abstract''':
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs
  
One of the pain points of application penetration testing is keeping all your tools up to date and installed on whatever computer you happen to have with you. After several successful releases of the OWASP Live CD, I had a bit of a think and decided that there was a better way. After a bunch of re-tooling (the fancy word is refactoring), OWASP WTE is ready for prime time. OWASP Web Testing Environment is a project to package application testing tools and make them available in a variety of ways - you pick what works for you: Live CD, Virtual Machine, ala carte installations on your existing Ubuntu system, or maybe even attack tools in the cloud. The choice is yours with WTE.
+
== November Meeting ==
 +
'''When:''' Tuesday, November 8, 2016 - 5:30 PM
  
In this talk I will cover where OWASP WTE is currently, what features are available and what the future holds. The overall project goal is to make testing tools as widely available and easily usable as possible.
+
'''Topic: ''' Privacy Preserving Big Data Analytics
  
'''Speaker Bio''':
+
'''Who:''' Hassan Takabi is Assistant Professor of Computer Science and Engineering at the University of North Texas, Denton, TX, USA.
  
Matt is currently on the board of the [http://bit.ly/fQGqIk OWASP Foundation] and highly involved in many OWASP projects and committees. Matt is the project leader of the [http://bit.ly/hIbx9c OWASP WTE] (Web Testing Environment) which is the source of theOWASP Live CD Project and Virtual Machines pre-configured with tools and documentation for testing web applications.
+
'''Where:'''  Epsilon - 6021 Connection Drive, Irving, TX
  
Matt has been involved in the Information Technology industry for more than 10 years. Matt is currently serving as the VP of services at [http://bit.ly/fNj64E Praetorian], leveraging his experience in application security and consulting. Prior to joining Praetorian, Matt was a Security Consultant at Trustwave's Spider Labs. Matt's focus has been in application security including testing, code reviews, design reviews and training. His background in web application development and system administration helped bring a holistic focus to Secure SDLC efforts he's driven. He has taught both graduate level university courses and for large financial institutions. Matt has presented and provided training a various industry events including DHS Software Assurance Workshop, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil.
+
== October Meeting ==
 +
'''When:''' Monday, October 17, 2016 - 5:30 PM
  
Industry designations include the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Matt Tesauro has a B.S. in Economics and a M.S in Management Information Systems from Texas A&amp;M University.
+
'''Topic: ''' NoSQL: "No Injections" or "No Security"?
  
Linkedin Profile: http://www.linkedin.com/in/matttesauro 
+
'''Who:''' Stark Riedesel is a Security Consultant for Cigital, an industry leader in application security.  
  
<br> '''======================================================'''
+
'''Where:''' Akamai - 15950 Dallas Parkway, Dallas, TX
  
'''When:''' Tuesday, September 21, 2010 11:30 AM – 1:00 PM  
+
== September Meeting ==
 +
'''When:''' Monday, September 19, 2016 - 5:30 PM
  
'''Topic: ''' Securing the Smart Grid's Software
+
'''Topic: ''' Web Attacker’s Toolkit: An in depth analysis of RFI in the wild
  
'''Who:''' Andy Bochman
+
'''Who:''' Tony Lauro is a Lead Sr. Enterprise Security Architect for Akamai's Web Security division.
  
Andy Bochman is Energy Security Lead for IBM's Rational Division, where the focus is on securing the software that runs the Smart Grid. Andy is a contributor to industry and national security working groups on energy security and cyber security. He lives in Boston, is an active member of the MIT Energy Club, and is the founder of the Smart Grid Security and DOD Energy Blogs.
+
'''Where:'''  Akamai - 15950 Dallas Parkway, Dallas, TX
  
'''Where:''' CoreLogic, 1 CoreLogic Drive, Westlake, TX 76262 (@15 min from DFW Airport)
+
== August Meeting ==
 +
'''When:''' Tuesday, August 16, 2016 - 5:30 PM
  
From Dallas: Take 183-West to 114-West (Toward Grapevine) Exit on Solana/Kirkwood Blvd Turn Left onto Kirkwood Blvd Turn Right onto Campus Circle (You will see the CoreLogic sign)
+
'''Topic: ''' OWASP Dallas August Social
  
From Fort Worth: Take I-35W North Take exit 70 toward Dallas/Bridgeport/Tx-114 Turn Right onto 114 East Exit on Solana Blvd Turn Right onto Kirkwood Blvd Turn Right onto Campus Circle (You will see the CoreLogic sign)
+
'''Who:''' Dallas OWASP Community
  
Link to Directions (Please Note: CoreLogic (formerly First American) is still listed on Google Maps and other applications as “First American”)
+
'''Where:'''  Braindead Brewing - 2625 Main St, Dallas, TX
  
<br> '''Parking:''' Upon arrival at Circle Drive, please pull into the Visitor Kiosk to your right where you will be issued a Visitor’s Parking Pass. Once parked, proceed to Building 5 for your Visitor Badge. The Southlake conference room is located in Building 4, Floor 1.
+
== July Meeting ==
 +
'''When:''' Tuesday, July 19, 2016 - 5:30 PM
  
'''Cost:''' Always Free
+
'''Topic: ''' Pen Testing with Powershell
  
'''Lunch:''' Bring your own lunch or purchase lunch at the Café in Building 7.  
+
'''Who:''' Rajganesh Pandurangan is a Lead Managing Consultant at US Bank and the creator of Web Application Exploitation Distro (http://www.waed.info)
  
'''RSVP:''' [mailto:[email protected] [email protected]] This will help expedite the check-in process. Thanks.
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs
  
<br> '''======================================================'''  
+
'''Materials''': [[Media:OWASP-pentest-with-powershell.pptx]]
  
<br> '''When:''' Tuesday, June 29, 2010 11:30 AM – 1:00 PM  
+
== June Meeting ==
 +
'''When:''' Tuesday, June 21, 2016 - 5:30 PM
  
'''Topic: ''' Protecting Your Applications from Backdoors: How to Security Your Business Critical Applications from Time Bombs, BAckdoors &amp; More
+
'''Topic: ''' Web App Testing Stats Compared to The OWASP Top 10
  
With the increasing practice of outsourcing and using 3rd party libraries, it is nearly impossible for an enterprise to identify the pedigree and security of the software running its business critical applications. As a result backdoors and malicious code are increasingly becoming the prevalent attack vector used by hackers. Whether you manage internal development activities, work with third party developers or are developing a COTS application for enterprise, your mandate is clear- safeguard your code and make applications security a priority for internal and external development teams. In this session we will cover; • Prevalence of backdoors and malicious code in third party attacks • Definitions and classifications of backdoors and their impact on your applications • Methods to identify, track and remediate these vulnerabilities
+
'''Who:''' Joel Scambray is a Principal at Cigital.
  
<br> '''Who:''' Clint Pollock, Senior Solutions Architect, Veracode
+
'''Where:''' 8000 Dominion Pkwy, Plano, TX - Capital One
  
Mr. Pollock is a Senior Solutions Architect at Veracode. Since 1997, he has also created security solutions for large-scale enterprise environments on behalf of CREDANT Technologies and Netegrity. In his current role, Clint helps globally distributed organizations evaluate, track, and mitigate their application security risk. Clint’s greatest strengths are his enthusiasm, experience and determination to help customers succeed in maintaining secure, compliant systems, and avoid the consequences and bad headlines that come with application security breaches. Clint resides in Chicago, IL.  
+
'''Materials''': [[Media:Cigital_Top10_DallasOWASP-062116.pdf]]
  
'''Where:''' University of Texas at Dallas Campus - School of Management (SOM), Executive Dining Room A, 800 W. Campbell Rd., Richardson, TX 75080
+
== May Meeting ==
 +
'''When:''' Tuesday, May 17, 2016 - 5:30 PM
  
'''Parking:''' Park in lot M. I will send a permit to those who have RSVP'd by Monday, June 29. Those who do not have the permit will need to stop at the Visitor Center on University Parkway to pick up a pass. Place the permit on the dash.
+
'''Topic: ''' Can we do better than Passwords?
  
'''Cost:''' Always Free
+
'''Who:''' Dr. Girish Chiruvolu, CISSP, CISM is Director, Information security and Risk Management at Thomson Reuters, Carrollton TX.
  
'''Lunch:''' Bring your own lunch or purchase lunch or come early and purchase lunch at one of the many fast-food restaurants located on the top floor of the Student Union. We are meeting in a differnt building than for previous meetings so be sure to check the on-line map for construction changes. http://www.utdallas.edu/maps/
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.  
  
'''RSVP:''' [mailto:OWASPDallas@utdallas.edu [email protected]] This will help expedite the check-in process. Thanks.
+
'''Materials''': [[Media:OWASP_May17th_Password-less-logins.pdf]]
  
<br> '''======================================================'''  
+
== April Meeting ==
 +
'''When:''' Tuesday, April 19, 2016 - 5:30 PM
  
'''When:''' Thursday, May 20, 2010 6:00 PM
+
'''Topic: ''' OWASP Happy Hour
  
'''Topic: ''' Spring 2010 Networking Event - Network With Your Peers
+
'''Who:''' OWASP Dallas Members
  
FREE EVENT!!! Your Dallas OWASP Chapter is pleased to host a networking event open to all those involved in OWASP. Our friends at Fortify Software are sponsoring this happy hour.
+
'''Where:''' Humperdinks NW Highway - 2208 W Northwest Hwy, Dallas, TX
  
• Mix and mingle with fellow OWASP chapter members • Bring your business cards and resume • Appetizers will be served, and drinks will be free • Enter to win prizes and great gifts (must be present to win)
+
== March Meeting ==
 +
'''When:''' Tuesday, March 15, 2016 - 5:30 PM
  
Dallas OWASP Website: http://www.owasp.org/index.php/Dallas
+
'''Topic: ''' Integrating Security into the Software/System Development Life Cycle (SDLC) Process—Myths and Facts
  
Don't miss the first Spring 2010 Networking event! We look forward to seeing you there!
+
'''Who:''' Rick Brunner is an Assistant Faculty member at Collin College and is an active member of Collin’s Cyber Security Advisory Board.
  
'''Where:''' Humperdink's at Loop 12 and NW HWY, 2208 W NW Hwy, Dallas, TX 75220, (214) 358-4159
+
'''Where:''' Epsilon - 6021 Connection Drive, Irving, TX.
  
'''Cost:''' Always Free
+
'''Materials''': [[Media:March_2016_OWASP_-_Secure_SDLC_Presentation_and_Related_Material.zip]]
  
'''RSVP:''' [mailto:[email protected] OWASPDallas@utdallas.edu]
+
== February Meeting ==
 +
'''When:''' Wednesday, February 17, 2016 - 5:30 PM
 +
 
 +
'''Topic: ''' DNS Attack Vectors
 +
 
 +
'''Who:''' John Devasia is a Senior Product Manager in the Cloud Security BU at Akamai Technologies.
  
'''======================================================'''  
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.
  
'''When:''' Thursday, March 4, 2010 11:30 AM – 1:00 PM  
+
== January Meeting ==
 +
'''When:''' Tuesday, January 19, 2016 - 5:30 PM
  
'''Topic: ''' Technology and Business Risk Management: How Application Security Fits In
+
'''Topic: ''' Bountiful Bugs and DRM Breakage
  
This presentation demonstrates how important application security is to the overall stability and security of the infrastructure and ultimately, the business. Presented from the Information Security Officer/Risk Manager point of view, it shows how a strong information security program reduces levels of reputational, operational, legal, and strategic risk by limiting vulnerabilities, increasing stability, and maintaining customer confidence and trust. It focuses on the top concerns of risk managers and how application security fits into the overall risk management process. The audience will be given recommendations on how to improve cost effectiveness and efficiency to achieve business, security, audit, and compliance objectives relative to applications.  
+
'''Who:'''  Dave Ferguson is a Solution Architect at Qualys and has been a specialist in Application Security since 2006.  
  
'''Who:''' Peter Perfetti, IMPACT Security LLC
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.
  
Mr. Perfetti has been working in information security for fifteen years. He has been involved in IT Security for the financial services industry for ten years where he has worked as an Information Security Officer as well as having been responsible for vulnerability and threat management, and security engineering. Mr. Perfetti worked for Viacom and MTV as the Manager of Systems Administration and was the Director of IT Risk Management for the National Basketball Association. He has a broad range of experience in both operations and security. Mr. Perfetti provided governance and guidance over risk and compliance issues for the Americas region of ABN AMRO as the Local Information Security Officer for New York. His responsibilities were primarily to manage the risk for infrastructure related technology and operations. Other duties included audit, business continuity, investigations, and security operations oversight. Most recently, he was head of IT Security &amp; Governance at Tygris Commercial Finance. He was formerly the VP of the NY/NJ Metro Chapter of OWASP and is currently a board member of the local chapter. He has served on the IT Security Advisory Board for the Technology Manager’s Forum. Mr. Perfetti’s accomplishments have been discussed in two books on achieving high-performing, stable, and secure infrastructure. Currently Mr. Perfetti operates IMPACT Security LLC, a private security contractor firm, that specializes in Incident &amp; Audit Response, Prevention, and Recovery; as well as developing, enhancing, and implementing Security and Risk Management programs.
+
== November Meeting ==
 +
'''When:''' Tuesday, November 17th, 2015 from 5:30 PM – ?:?? PM
  
'''Where:''' University of Texas at Dallas Campus - Galaxy Room C of the Student Union, 800 W. Campbell Rd., Richardson, TX 75080
+
'''Topic: ''' OWASP Dallas Happy Hour
  
'''Parking:''' Park in lot C. I will send a permit to those who have RSVP'd by Tuesday, March 2nd. Those who do not have the permit will need to stop at the Visitor Center on University Parkway to pick up a pass. Place the permit on the dash.
+
'''Where:''' Mexican Sugar at Shops at Legacy - 7501 Lone Star Drive, Suite 8150, Plano, TX
  
'''Cost:''' Always Free
+
== October Meeting ==
 +
'''When:''' Wednesday October 7th, 2015 from 11:30 AM – 1:00 PM
  
'''Lunch:''' Bring your own lunch or purchase lunch at one of the many fast-food restaurants located on the top floor of the Student Union.
+
'''Topic: ''' Anatomy of a Logic Flaw
  
'''RSVP:''' [mailto:[email protected] [email protected]] This will help expedite the check-in process. Thanks.  
+
'''Who:''' Charles Henderson is the Vice President of Managed Security Testing at Trustwave.  
  
<br> '''======================================================'''  
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039.
  
<br> '''When:''' September 15, 2009, 11:30am - 1:30pm
+
== September Meeting ==
 +
'''When:''' Thursday September 17th, 2015 from 5:30PM – 6:30 PM
  
'''Topic: ''' Detective Work for Testers. Finding Workflow-based Defects.
+
'''Topic: ''' Application Security Trends
  
Workflow-based security defects in Web applications are especially difficult to identify because they evade traditional, point-and-scan vulnerability detection techniques. Understanding these potential defects and why black-box scanners typically miss them, are key to creating a testing strategy for successful detection and mitigation. Rafal Los describes the critical role that testers play in assessing application work flows and how business process-based testing techniques can uncover these flaws. Rafal demystifies the two main types of workflow-based application vulnerabilities-business process logic vulnerabilities and parameter-based vulnerabilities-and provides you with a sound basis to improve your testing strategies. Become a security testing sleuth and learn to find the workflow-based security defects before your system is compromised.
+
'''Who:'''  Stephen Pasco is a Vice President of Application Risk at Goldman Sachs
  
'''Who:''' Rafal Los, Sr. Web Security Specialist, HP Software
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039.  
  
Senior Security Specialist with Hewlett-Packard’s Application Security Center (ASC), Rafal Los has more than thirteen years of experience in network and system design, security policy and process design, risk analysis, penetration testing, and consulting. For the past eight years, he has focused on information security and risk management, leading security architecture teams, and managing successful enterprise security programs for General Electric and other Fortune 100 companies, as well as SMB enterprises. Previously, Rafal spent three years in-house with GE Consumer Finance, leading its web application security programs.
+
== May Meeting ==
 +
'''When:''' Wednesday May 6, 2015 from 11:30 AM – 1:00 PM
  
'''Where:''' The First American Co, 1 First American Way, Westlake, TX 76262 (@15 min from DFW Airport)
+
'''Topic: ''' The Future of Mobile Payments: Secure Mobile Architecture
  
'''Parking:''' Upon arrival at Circle Drive, please pull into the Visitor Kiosk to your right where you will be issued a Visitor’s Parking Pass. Once parked, proceed to Building 5 for your Visitor Badge. See Map for Directions. [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=1+first+american+way,+westlake,+tx&sll=37.0625,-95.677068&sspn=48.641855,78.837891&ie=UTF8&mrt=rblall&ll=32.980777,-97.174437&spn=0.006336,0.009624&z=17&iwloc=A Link to Directions].  
+
'''Who:''' Denis M. Sheridan is a Managing Consultant at Cigital.
  
'''Cost:''' Always Free
+
'''Where:''' North Lake College Central Campus, 5001 North MacArthur Boulevard, Irving, Texas 75038, Room: A-215
  
'''Lunch:''' Bring your own lunch or purchase lunch at the Café in Building 7.
+
== October Meeting ==
 +
'''When:''' Wednesday October 1, 2014 from 11:30 AM – 1:00 PM
  
'''RSVP:''' [mailto:[email protected] [email protected]] This will help expedite the check-in process. Thanks.
+
'''Topic: '''Succeeding with Enterprise Software Security Key Performance Indicators
  
<br> '''======================================================'''  
+
'''Who:''' Rafal Los, Director, Office of the CISO
  
'''When:''' Dallas February 25, 2009 11:30am – 1:30pm
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
'''Topic:''' Vulnerability Management in an Application Security World. Identifying application-level vulnerabilities via penetration tests and code reviews is only the first step in actually addressing the underlying risk. Managing vulnerabilities for applications is more challenging than dealing with traditional infrastructure-level vulnerabilities because they typically require the coordination of security teams with application development teams and require security managers to secure time from developers during already-cramped development and release schedules. In addition, fixes require changes to custom application code and application-specific business logic rather than the patches and configuration changes that are often sufficient to address infrastructure-level vulnerabilities. This presentation details many of the pitfalls organizations encounter while trying to manage application-level vulnerabilities as well as outlines strategies security teams can use for communicating with development teams. Similarities and differences between security teams’ practice of vulnerability management and development teams’ practice of defect management will be addressed in order to facilitate healthy communication between these groups.
+
== March Meeting ==
 +
'''When:''' Wednesday March 5, 2014 from 11:30 AM – 1:00 PM
  
'''Who:''' Dan Cornell, Principal, Denim Group Dan Cornell has over ten years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web based software development methodologies. He is also the primary author of sprajax, Denim Group’s open source tool for assessing the security of AJAX-enabled web applications.
+
'''Topic: ''' OWASP Dallas basic Python tutorial
  
'''Where:''' UTD Campus - Galaxy Room of the Student Union, Room SU 2.602 Doors open at 11:00 am.
+
'''Who:''' Matt Parsons, CISSP MSM
  
<br> Dallas OWASP Chapter: February 2009 Meeting
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
Topic: "Vulnerability Management in an Application Security World."
+
== September Meeting ==
 +
'''When:''' Wednesday September 11, 2013 from 11:30 AM – 1:00 PM
  
Presenter: Dan Cornell, Principal, Denim Group
+
'''Topic: ''' PCI Mobile Payment Acceptance Security Guidelines for Developers
  
Date: February 25, 2009 11:30am – 1:30pm
+
'''Who:''' Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council
  
Location: UTD Campus - Galaxy Room of the Student Union, Room SU 2.602 Doors open at 11:00 am.
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
Abstract:  
+
'''Slides''': [[Media:Dallas OWASP 9-11-2013.pdf]]
  
Identifying application-level vulnerabilities via penetration tests and code reviews is only the first step in actually addressing the underlying risk. Managing vulnerabilities for applications is more challenging than dealing with traditional infrastructure-level vulnerabilities because they typically require the coordination of security teams with application development teams and require security managers to secure time from developers during already-cramped development and release schedules. In addition, fixes require changes to custom application code and application-specific business logic rather than the patches and configuration changes that are often sufficient to address infrastructure-level vulnerabilities. This presentation details many of the pitfalls organizations encounter while trying to manage application-level vulnerabilities as well as outlines strategies security teams can use for communicating with development teams. Similarities and differences between security teams’ practice of vulnerability management and development teams’ practice of defect management will be addressed in order to facilitate healthy communication between these groups.
+
== May Meeting ==
 +
'''When:''' Wednesday May 8, 2013 from 11:30 AM – 1:00 PM
  
Presenter Bio:  
+
'''Topic: ''' Implementation Patterns for Software Security Programs
  
Dan Cornell has over ten years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web based software development methodologies. He is also the primary author of sprajax, Denim Group’s open source tool for assessing the security of AJAX-enabled web applications.
+
'''Who:''' Dan Cornell, Principal, Denim Group
  
[[Dallas OWASP Flyer.pdf]]
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
==== Dallas OWASP Chapter Leaders  ====
+
[http://www.richlandcollege.edu/map/ Map]
  
'''The Dallas OWASP chapter leaders are:'''  
+
== February Meeting ==
 +
'''When:''' Wednesday February 6, 2013 from 11:30 AM – 1:00 PM
  
[mailto:[email protected] Gene McCormick]
+
'''Topic: ''' Using Webappsec Vulns to Break Censorship
  
[mailto:andrea.wendeln@gmail.com Andrea Wendeln]
+
'''Who:''' Robert Hansen, a.k.a. rsnake
  
[mailto:[email protected] Mynor Alvarado]
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
[mailto:norm.smith75022@gmail.com Norm Smith]
+
[http://www.richlandcollege.edu/map/ Map]
  
[mailto:[email protected] Rik Jones]
 
  
 
  __NOTOC__
 
  __NOTOC__
<headertabs />
+
<headertabs></headertabs>
  
 
[[Category:Texas]]
 
[[Category:Texas]]

Latest revision as of 21:41, 29 October 2019

OWASP Dallas

Welcome to the Dallas chapter homepage. The chapter leaders are

Chapter Lead- Denis Sheridan

Board Member- Jeromme Lawler


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Get Connected and Stay Connected

In addition to our Mailing List we also have a Dallas OWASP Twitter Feed a Dallas OWASP Facebook Page and a Dallas OWASP Linkedin Group. We invite you to join or follow whichever groups suit you, get involved with your fellow Dallas OWASP Chapter members, and we'll keep them all up to date with the latest official news and announcements from the chapter leadership.

Click any of the links below to visit the corresponding Dallas OWASP social networking groups:

Join the list.png Follow-us-on-twitter.png Join-us-on-Facebook.jpg Linkedin-button.gif Meetup-button.png

Announcements

November Meeting

When: Wednesday, November 6, 2019 - 6:30 PM


Topic: CMD+CTRL Web Application Cyber Range


Want to test your skills in identifying web app vulnerabilities? Join the Dallas OWASP Chapter and Security Innovation as members compete in CMD+CTRL, a web application cyber range where players exploit their way through hundreds of vulnerabilities that lurk in business applications today. Success means learning quickly that attack and defense is all about thinking on your feet.


For each vulnerability you uncover, you are awarded points. Climb the interactive leaderboard for a chance to win fantastic prizes! CMD+CTRL is ideal for development teams to train and develop skills, but anyone involved in keeping your organization’s data secure can play - from developers and managers and even CISOs.


Prizes will be awarded for first, second, and third place finishes.


Who: Chad Holmes is a Product Marketing Manager for Security Innovation with a focus on educating customers on emerging Cyber Range technologies and how they can improve security education within organizations. Prior to joining Security Innovation Chad was a Penetration Tester, Product Manager, Security Program Manager and team lead at Cigital, Veracode and Red Hat.


Where: Toyota Motor North America, Inc. 6565 Headquarters Drive - Plano

Guests may park in the visitors parking area on Headquarters Dr. right outside main lobby in front of W1 and E1 buildings. Enter the main lobby to sign in. Meeting will be in the Corolla W1-0C-18 / Camry W1-0C-30 conference rooms.


IMPORTANT Meeting Notes:

This office is a gun-free zone. Please do not attempt to bring in any guns, holsters, ammo, etc. into their office space.

The meeting food & drinks will be sponsored by TBD.


Previous Meetings

October Meeting

When: Tuesday, October 22, 2019 - 6:00 PM

Topic: The Pulse of AppSec: 2019 Trends and Insights

Who: Phil Guraedy is a Technical Consultant with Micro Focus.

Where: Epsilon - 6021 Connection Drive - Irving, TX

September Meeting

When: Tuesday, September 17, 2019 - 6:00 PM

Topic: Bug Hunting - An adventure in free time

Who: Rich Mirch has been in IT for over 21 years; Rich is currently a member of the Red Team at State Farm.

Where: State Farm Insurance - 3661 N. Plano Rd. Suite 1000 - Richardson, TX - Map

July Meeting

When: Tuesday, July 23, 2019 - 6:00 PM

Topic: Cloud, the Hard Way

Who: Will Bengtson is the Director of Cloud Security, Distinguished Engineer at Capital One.

Where: Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX

Media:Cloud_-_The_Hard_Way.pdf

June Meeting

When: Tuesday, June 25, 2019 - 6:00 PM

Topic: Anti-Phish Codes -- Addressing credential compromise that lead to Data breaches and Fraud

Who: Dr. Chiruvolu brings in more than two decades of expertise, insights on technology and cyber security in several market verticals such as Finance, Healthcare, Enterprise and Govt./Education.

Where: Capital Factory + The DEC - 3102 Oak Lawn Ave - Dallas, TX

Media:UberPasscodes-AntiPhishing2FA-PresArchive.pdf

May Meeting

When: Thursday, May 23, 2019 - 6:00 PM

Topic: Microservices: What Am I Securing Again?

Who: Travis Biehn is a Principal Consultant at Synopsys and consulting research lead for the Synopsys Cybersecurity Research Center. David Bohannon is a Senior Security Consultant at Synopsys.

Where: The Garage at Capital One - 8000 Dominion Pkwy - Plano, TX - Building with TC out front Media:Microservices_OWASP_Preso_Sanitized.pptx

March Meeting

When: Thursday, May 23, 2019 - 6:00 PM

Topic: Tineola: Taking a Bite Out of Enterprise Blockchain

Who: Stark Riedesel is a senior consultant at Synopsys with six years of security industry experience.

February Meeting

When: Tuesday, February 19, 2019 - 6:00 PM

Topic: Threat-modeling legacy Cloud Applications

Who: Kevin Nassery is a Senior Principal Consultant at Synopsys where he leads the Software Security Initiatives (SSI) practice

Where: Epsilon - 6021 Connection Drive - Irving, TX

Media:Owasp-dallas.pptx

January Meeting

When: Tuesday, January 15, 2019 - 6:00 PM

Topic: Container and Container-Aware Security

Who:

Travis Stanfield, Senior Director of Software Engineering at Capital One

Liam Randall, President and Co-Founder of Critical Stack

Where: Capital One - 8000 Dominion Pkwy - Plano, TX

Media:OWASP_dallas_Jan_2019.zip

November Meeting

When: Tuesday, November 13, 2018 - 6:00 PM

Topic: Securing Containers on the High Seas

Who: Jack Mannino is the CEO of nVisium.

Where: Capital One - 8000 Dominion Pkwy - Plano, TX

September Meeting

When: Tuesday, September 18, 2018 - 6:00 PM

Topic: Security Shift Left! Enable, Protect, and Execute.

Who: Teddi Poehls, currently working as a Senior Sales Engineer for Signal Sciences

Where: Epsilon - 6021 Connection Drive, Irving, TX

August Meeting

When: Tuesday, August 21, 2018 - 6:00 PM

Topic: Tangled Web

Who: Herb has worked for State Farm for over 26 years. He is currently a member of the Security Analytics/Threat hunting team.

Where: State Farm Insurance - 3661 N. Plano Rd. Suite 1000, Richardson, TX

July Meeting

When: Tuesday, July 17, 2018 - 6:00 PM

Topic: Interactive Capture the Flag (CTF) Introduction

Who: Gabriel Lawrence is the General Manager of Cyber-Protection at Toyota

Where: Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX

June Meeting

When: Tuesday, June 19, 2018 - 6:00 PM

Topic: Cloud Jacking

Who: Bryan McAninch is a cybersecurity professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture.

Where: Toyota Motor North America, Inc. - 6565 Headquarters Drive, Plano, TX

April Meeting

When: Tuesday, April 17, 2018 - 6:00 PM

Topic: Viewing the Nodes in the Noise: Leveraging Data Science to Discover Persistent Threats

Who: David Evenden is an experienced offensive security operator/analyst with over 10 years of active work experience inside the Intelligence Community (IC).

Where: Allstate - 8711 N. Freeport Parkway - Irving, TX

March Meeting

When: Tuesday, March 20, 2018 - 6:00 PM

Topic: DevSecOps Unplugged

Who: Vishal Asthana, CISSP has been with Security Compass for over 4 years

Where: Akamai - 15950 Dallas Parkway - Dallas, TX

February Meeting

When: Tuesday, February 20, 2018 - 6:00 PM

Topic: Bugs in the Blockchain and “Contractual” Vulnerability

Who: Stark Riedesel is a software security consultant working for Synopsys here in the Dallas area.

Where: Alliance Data Systems - 7500 Dallas Parkway 7th Floor, Plano, TX

Materials: Media:Bugs_in_the_Blockchain.pptx

January Meeting

When: Tuesday, January 16, 2018 - 6:00 PM

Topic: OWASP Top 10 2017

Who: Andrew van der Stock is a Senior Principal Consultant with Synopsys.

Where: Toyota Motor North America, Inc. - 6565 Headquarters Drive · Plano

October Meeting

When: Tuesday, October 10, 2017 - 6:00 PM

Topic: Application Security in the DevOps World

Who: Apoorva Phadke is a Senior Security Consultant at Synopsys.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

September Meeting

When: Wednesday, September 13, 2017 - 6:00 PM

Topic: Automate All The Things

Who: Matt Konda, CEO of Jemurai. Jemurai is a consulting firm specializing in application security.

Where: Epsilon - 6021 Connection Drive, Irving, TX

August Meeting

When: Wednesday, August 15, 2017 - 6:00 PM

Topic: Making Vulnerability Management Less Painful with OWASP DefectDojo

Who: Greg Anderson is a security professional and creator of DefectDojo

Where: Intuit

Materials: https://docs.google.com/presentation/d/1DnV-e6TWoH0YexZJpPQeRTD0eeHwWpmsSu-MRjMczwQ/edit?usp=sharing

July Meeting

When: Wednesday, July 19, 2017 - 6:00 PM

Topic: IoT Security Landscape: Survey & Analysis

Who: Mark Szewczul, CISSP, is an IoT Security Architect at Zimperium

Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

June Meeting

When: Tuesday, June 20, 2017 - 6:00 PM

Topic: From Hot Rodding to Hacking, Securing the Modern Automobile

Who: Art Dahnert is a Managing Consultant who has over 19 years of experience in the software industry with over 8 years Application Security experience.

Where: Toyota - 5360 Legacy Drive, Building 1, 2nd Floor, Plano, TX

Materials: media:Hot_Rodding_and_Hacking_v3.pdf

May Meeting

When: Tuesday, May 16, 2017 - 6:00 PM

Topic: OWASP Dallas Social

Who: OWASP Dallas

Where: Dots Hop House & Cocktail Courtyard - 2645 Commerce Street , Dallas, TX (map)

April Meeting

When: Monday, April 17, 2017 - 6:00 PM

Topic: AWS Security: Staying on Top of the Cloud

Who: Kurtis Miller is a Principal Security Consultant for NCC Group, North America.

Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

Materials: media:AWS_Security_-_Staying_on_Top_of_the_Cloud.pdf

March Meeting

When: Tuesday, March 21, 2017 - 6:00 PM

Topic: Secrets Revealed: How Your Competitors are Scaling Application Security

Who: Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades.

Where: Intuit, Inc. - 5601 Headquarters Dr, Plano, TX

Materials: media:2017.03_OWASP_Dallas_Presentation_v5.pdf (More Info)

February Meeting

When: Tuesday, February 21, 2017 - 6:00 PM

Topic: Secure Architecture In The Land of Microservices

Who: Jack is the CEO at nVisium and focuses on building solutions to make security and education scale in fast-paced software development organizations.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: Media:Microservice_Security.pdf

January Meeting

When: January 17 - 6:00 PM

Topic: Helping Developers Embrace Security with OWASP Tools

Who: Joseph Konieczka is a Lead Technology Solutions Specialist on the Remedy on Demand infrastructure team at BMC Software.

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

November Meeting

When: Tuesday, November 8, 2016 - 5:30 PM

Topic: Privacy Preserving Big Data Analytics

Who: Hassan Takabi is Assistant Professor of Computer Science and Engineering at the University of North Texas, Denton, TX, USA.

Where: Epsilon - 6021 Connection Drive, Irving, TX

October Meeting

When: Monday, October 17, 2016 - 5:30 PM

Topic: NoSQL: "No Injections" or "No Security"?

Who: Stark Riedesel is a Security Consultant for Cigital, an industry leader in application security.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

September Meeting

When: Monday, September 19, 2016 - 5:30 PM

Topic: Web Attacker’s Toolkit: An in depth analysis of RFI in the wild

Who: Tony Lauro is a Lead Sr. Enterprise Security Architect for Akamai's Web Security division.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

August Meeting

When: Tuesday, August 16, 2016 - 5:30 PM

Topic: OWASP Dallas August Social

Who: Dallas OWASP Community

Where: Braindead Brewing - 2625 Main St, Dallas, TX

July Meeting

When: Tuesday, July 19, 2016 - 5:30 PM

Topic: Pen Testing with Powershell

Who: Rajganesh Pandurangan is a Lead Managing Consultant at US Bank and the creator of Web Application Exploitation Distro (http://www.waed.info)

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

Materials: Media:OWASP-pentest-with-powershell.pptx

June Meeting

When: Tuesday, June 21, 2016 - 5:30 PM

Topic: Web App Testing Stats Compared to The OWASP Top 10

Who: Joel Scambray is a Principal at Cigital.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: Media:Cigital_Top10_DallasOWASP-062116.pdf

May Meeting

When: Tuesday, May 17, 2016 - 5:30 PM

Topic: Can we do better than Passwords?

Who: Dr. Girish Chiruvolu, CISSP, CISM is Director, Information security and Risk Management at Thomson Reuters, Carrollton TX.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

Materials: Media:OWASP_May17th_Password-less-logins.pdf

April Meeting

When: Tuesday, April 19, 2016 - 5:30 PM

Topic: OWASP Happy Hour

Who: OWASP Dallas Members

Where: Humperdinks NW Highway - 2208 W Northwest Hwy, Dallas, TX

March Meeting

When: Tuesday, March 15, 2016 - 5:30 PM

Topic: Integrating Security into the Software/System Development Life Cycle (SDLC) Process—Myths and Facts

Who: Rick Brunner is an Assistant Faculty member at Collin College and is an active member of Collin’s Cyber Security Advisory Board.

Where: Epsilon - 6021 Connection Drive, Irving, TX.

Materials: Media:March_2016_OWASP_-_Secure_SDLC_Presentation_and_Related_Material.zip

February Meeting

When: Wednesday, February 17, 2016 - 5:30 PM

Topic: DNS Attack Vectors

Who: John Devasia is a Senior Product Manager in the Cloud Security BU at Akamai Technologies.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

January Meeting

When: Tuesday, January 19, 2016 - 5:30 PM

Topic: Bountiful Bugs and DRM Breakage

Who: Dave Ferguson is a Solution Architect at Qualys and has been a specialist in Application Security since 2006.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

November Meeting

When: Tuesday, November 17th, 2015 from 5:30 PM – ?:?? PM

Topic: OWASP Dallas Happy Hour

Where: Mexican Sugar at Shops at Legacy - 7501 Lone Star Drive, Suite 8150, Plano, TX

October Meeting

When: Wednesday October 7th, 2015 from 11:30 AM – 1:00 PM

Topic: Anatomy of a Logic Flaw

Who: Charles Henderson is the Vice President of Managed Security Testing at Trustwave.

Where: 6011 Connection Drive, Irving, TX 75039.

September Meeting

When: Thursday September 17th, 2015 from 5:30PM – 6:30 PM

Topic: Application Security Trends

Who: Stephen Pasco is a Vice President of Application Risk at Goldman Sachs

Where: 6011 Connection Drive, Irving, TX 75039.

May Meeting

When: Wednesday May 6, 2015 from 11:30 AM – 1:00 PM

Topic: The Future of Mobile Payments: Secure Mobile Architecture

Who: Denis M. Sheridan is a Managing Consultant at Cigital.

Where: North Lake College Central Campus, 5001 North MacArthur Boulevard, Irving, Texas 75038, Room: A-215

October Meeting

When: Wednesday October 1, 2014 from 11:30 AM – 1:00 PM

Topic: Succeeding with Enterprise Software Security Key Performance Indicators

Who: Rafal Los, Director, Office of the CISO

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

March Meeting

When: Wednesday March 5, 2014 from 11:30 AM – 1:00 PM

Topic: OWASP Dallas basic Python tutorial

Who: Matt Parsons, CISSP MSM

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

September Meeting

When: Wednesday September 11, 2013 from 11:30 AM – 1:00 PM

Topic: PCI Mobile Payment Acceptance Security Guidelines for Developers

Who: Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Slides: Media:Dallas OWASP 9-11-2013.pdf

May Meeting

When: Wednesday May 8, 2013 from 11:30 AM – 1:00 PM

Topic: Implementation Patterns for Software Security Programs

Who: Dan Cornell, Principal, Denim Group

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map

February Meeting

When: Wednesday February 6, 2013 from 11:30 AM – 1:00 PM

Topic: Using Webappsec Vulns to Break Censorship

Who: Robert Hansen, a.k.a. rsnake

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map


Retrieved from "https://wiki.owasp.org/index.php?title=Dallas&oldid=255809"