|
|
(281 intermediate revisions by 11 users not shown) |
Line 1: |
Line 1: |
− | {{Chapter Template|chaptername=Boulder|extra=The chapter leader is [mailto:owasp@justplainpix.com Andy Lewis]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-boulder|emailarchives=http://lists.owasp.org/pipermail/owasp-boulder}} | + | ===Special Thanks=== |
| + | The continued sponsorship of Aerstone, Applied Trust, and Coalfire keep the chapter running strong. Thank you. |
| + | {| cellpadding="15" |
| + | |- |
| + | | [[Image:BoulderSponsorAerstone.png | 120px | link=https://aerstone.com | alt=Aerstone | Aerstone]] |
| + | | [[Image:AppliedTrust.png | 120px | link=http://www.appliedtrust.com | alt=Applied Trust | Applied Trust]] |
| + | | [[Image:Coalfire.png | 120px | link=http://www.coalfire.com/ | alt=Coalfire | Coalfire]] |
| + | |} |
| | | |
− | == September Meeting == | + | __NOTOC__ |
− | '''First Boulder OWASP Meeting to be held September 20th, 2007'''
| + | <font size="2"> |
| + | =About= |
| + | {{:Boulder/About}} |
| | | |
− | Site: Corporate Express US Headquarters
| + | =Upcoming Events= |
| + | {{:Boulder/Events-Upcoming}} |
| | | |
− | 1 Environmental Way
| + | =Past Events= |
| + | {{:Boulder/Events-Past}} |
| | | |
− | Broomfield, CO 80021 (303) 664-2000
| + | =Chapter Projects= |
| + | {{:Boulder/Projects}} |
| | | |
− | Time: Dinner and beverages will be available starting at 6 PM. Presentation will start at 6:30.
| + | =Chapter Support= |
| + | {{:Boulder/Support}} |
| | | |
− | Speaker: Jeremiah Grossman.
| + | </font> |
| + | <headertabs /> |
| | | |
− | Topic: Top 10 Web Attack Techniques, their Potential Impact, and Strategies to Protect Your Company
| |
| | | |
− | To date, information security has been focused mainly on vulnerabilities at the network and software (OS, web server, etc.) levels. However, a new battleground is quickly developing that poses an even greater threat to companies’ brands/reputations and data. As companies drive more and more business processes to the web, vulnerabilities in their custom Web applications have become the new target for a new class of hackers. And the payoff is now financial gain, not personal notoriety.
| + | == Upcoming Events == |
| | | |
− | Jeremiah Grossman will:
| + | '''Thursday Evenings: ''' We typically (but not always) hold our chapter meetings on the third Thursday of the month. We meet in Lafayette, CO, just outside of Boulder. Newcomers are always welcome! Meeting details can be found on our [http://www.meetup.com/OWASP-Boulder/ MeetUp.com] site. Please RSVP on that site as seating can fill up quickly. |
− | – Reveal the top 10 attacks of 2006 by creativity and scope
| |
− | – Predict what these attacks mean for website vulnerability management in 2007
| |
− | – Present strategies to protect your corporate websites
| |
| | | |
− | Bio: Jeremiah Grossman is the founder and CTO of WhiteHat Security, considered a world-renowned expert in Web security, co-founder of the Web Application Security Consortium, and recently named to InfoWorld's Top 25 CTOs for 2007. Mr. Grossman is a frequent speaker at industry events including the BlackHat Briefings, RSA, ISACA, CSI, OWASP, Vanguard, ISSA, Defcon, and a number of large universities. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques; and is a co-author of XSS Attacks. Mr. Grossman is frequently quoted in major media publications such as InfoWorld, USA Today, PCWorld, Dark Reading, SC Magazine, SecurityFocus, Cnet, SC Magazine, CSO, and InformationWeek. Prior to WhiteHat he was an information security officer at Yahoo!
| + | <br><br> |
| | | |
− | | + | [[Category:OWASP Chapter]] |
− | == Local News ==
| + | [[Category:United_States]] |
− | | + | [[Category:Colorado]] |
− | '''Boulder OWASP News - July 26th, 2007'''
| |
− | Al B., Lance R., and Andy L. are getting speakers, places, and sponsors lined up for Sep-Nov. The gameplan is to have meetings on the 3rd Thursday of each month HOWEVER the FIRST meeting's timing is being scheduled around a very special speaker (hint: what's the opposite of Black Hat?). The goal is very simple: understand how one of the OWASP Top 10 is a REAL PROBLEM and (more importantly) '''understand how to CODE BETTER and/or TEST BETTER'''.
| |
− | | |
− | Still need a place that can seat 30+ for the first meeting the 3rd or 4th week of Sept.
| |
− | Still need a sponsor for dinner.
| |
− | | |
− | Likely schedule:
| |
− | | |
− | 6-6:30 eat, socialize
| |
− | 6:30-6:35 chapter business
| |
− | 6:35 - introduce speaker
| |
− | | |
− | Each speaker will be encouraged to cover:
| |
− | - demonstration of the threat ( "look! I got EVERYONE'S credit card #!")
| |
− | - overview/sample of vulnerable code, preferably in PHP, Java, or .Net env.
| |
− | - some details regarding how to correct the code
| |
− | - some thoughts as to how to test for the problem and/or "immunize" against it during a typical SDLC
| |
− | - additional tools and references
| |
− | 7:35'ish - Q & A
| |
− | after Q & A - adjourn to less formal environment
| |
− | | |
− | Thanks!
| |
− | Andy
| |
− | | |
− | PS if you're going to Blackhat/DefCon be sure to catch David Byrne's presentation regarding anti-DNS pinning!
| |
− | | |
− | '''Boulder OWASP News - June 21st, 2007'''
| |
− | While we're getting our act together with the Boulder Chapter I encourage you to attend tonight's Denver OWASP meeting.
| |
− | | |
− | http://www.owasp.org/index.php/Denver
| |
− | | |
− | At this time Boulder OWASP is looking for help with the following:
| |
− | | |
− | 1. Meeting place
| |
− | | |
− | 2. Corporate sponsor(s)
| |
− | | |
− | 3. Topics of interest.
| |
− | | |
− | | |
− | Thanks!
| |
− | Andy
| |
− | | |
− | '''OWASP Moves to MediaWiki Portal - 11:36, 20 May 2006 (EDT)'''
| |
− | | |
− | OWASP is pleased to announce the arrival of OWASP 2.0!
| |
− | | |
− | OWASP 2.0 utilizes the MediaWiki portal to manage and provide
| |
− | the latest OWASP related information. Enjoy!
| |