|
|
| (207 intermediate revisions by 8 users not shown) |
| Line 1: |
Line 1: |
| − | __NOTOC__ | + | __NOTOC__ {{Chapter Template|chaptername=Minneapolis-St. Paul (OWASP MSP)|extra=The chapter leadership [mailto:alex.bauert@owasp.org Alex Bauert].<br> |
| − | {{Chapter Template|chaptername=Minneapolis-St. Paul (OWASP MSP)|extra=The chapter leader is [mailto:adam.baso@owasp.org Adam Baso].<br><br>The OWASP Minneapolis-St. Paul (OWASP MSP) chapter held '''[[OWASP Minneapolis St Paul 2009_Conference | an afternoon of information security presentations on August 24, 2009]]''' at the [http://www1.umn.edu/twincities/maps/StCen/StCen-map.html St. Paul Student Center] [http://www.spsc.umn.edu/about/directory/lower.php Auditorium/Theater] on the [http://www1.umn.edu/twincities/index.php University of Minnesota - Twin Cities] campus. '''Audio, video, and slides to be posted soon.'''<br><br>'''Up Next:''' Monday, September 21, 2009 - Ryan Barnett: The Web Hacking Incident Database (WHID) - 2009 Analysis (room opens at 5:30 PM Central Time, speaker at 6:30 PM Central Time, meeting location TBD)<br><br>|mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=https://lists.owasp.org/pipermail/owasp-twincities}} | |
| | | | |
| | + | We use [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements and sometimes, depending on the event [https://www.eventbrite.com Eventbrite.com] for RSVP's to organize events and meetings. |
| | | | |
| − | == Sponsorship/Membership == | + | |mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=https://lists.owasp.org/pipermail/owasp-twincities}} |
| − | <paypal>Minneapolis St Paul</paypal> | + | <br><br> |
| | | | |
| − | Or consider the value of [http://www.owasp.org/index.php/Membership Individual, Organization, or Accredited University Supporter membership].
| + | == Corporate Sponsors == |
| | + | <!-- |
| | + | <table border="0"> |
| | + | <tr><td> |
| | + | <div style="background:#FFFFFF;padding:10px;width:340px;"> [[Image:Advance it minnesota logo.png|120px|link=http://advanceitmn.org]] </div> |
| | + | </td> |
| | + | <td> |
| | + | <div style="background:#FFFFFF;padding:10px; width:290px"> [[Image:Best Buy logo.jpg|link=http://www.bestbuy.com/]]</div> |
| | + | </td> |
| | + | --> |
| | + | <table border="0"> |
| | + | <tr> |
| | + | <td> |
| | + | <div style="background:#FFFFFF;padding:10px; width:290px"> FICO</div> |
| | + | </td> |
| | + | </tr> |
| | + | <table> |
| | + | <br> |
| | | | |
| | + | = Upcoming Meetings and Events = |
| | + | == OWASP-MSP Upcoming Chapter Meeting == |
| | | | |
| − | == Platinum Sponsors == | + | '''When:''' Reference [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements. |
| | + | <!-- |
| | + | '''Where:''' |
| | + | Ewald Conference Center |
| | + | 1000 Westgate Drive #252 |
| | + | St. Paul, MN |
| | | | |
| − | [[Image:Best_Buy_logo.jpg|link=http://www.bestbuy.com/]] [[Image:Center_for_strategic_it_n_security.png|60px|link=http://www.strategicit.org/]] [[Image:Integral_logo.png|90px|link=http://www.go-integral.net/]]
| + | '''Presentation:''' Red Team |
| | | | |
| | + | '''Presenter:''' Ryan Manship |
| | + | --> |
| | + | <!-- |
| | + | '''Not sure if you are a current member?''' [https://docs.google.com/spreadsheets/d/142z7ByBQYMrszB1CGD30UC_XHpVX6zwvrkOgse5VO1Y/edit?usp=sharing Member Directory] |
| | + | --> |
| | + | <!-- |
| | + | '''REGISTRATION LINK:''' [https://www.eventbrite.com/e/owasp-msp-september-2016-chapter-meeting-tickets-27533084196 Eventbrite Signup Link for Event] |
| | + | --> |
| | + | <!-- |
| | + | == OWASP-MSP Upcoming Chapter meeting == |
| | | | |
| − | The OWASP MSP chapter is very thankful for
| |
| | | | |
| − | * generous financial support from [[Membership#Categories_of_Membership_.26_Supporters|Organization Supporter]] and Local Chapter Supporter '''[http://www.bestbuy.com/ Best Buy]'''.
| + | '''When:''' Wednesday, May 11th @ 6:00 - 8:00 PM |
| − | * reliable monthly meeting locations from Local Chapter Supporter '''[http://www.strategicit.org Center for Strategic Information Technology and Security (MnSCU)]'''.
| |
| − | * sustained booth sponsorship, monthly meeting sponsorship, and more from Local Chapter Supporter '''[http://www.go-integral.net/ Integral]'''.
| |
| | | | |
| | + | '''Title:''' Evil Twin Attack with Wifiphisher |
| | | | |
| − | == Meetings and More ==
| + | This presentation will revolve around Wifiphisher, a security tool which automates the process of Evil Twin attack in order to mount fast phishing attacks against Wi-Fi networks. It is an open-source software that is heavily used by the wireless hacking community and comes with |
| | + | its community-built templates for different phishing scenarios. |
| | | | |
| − | ==== Upcoming Meetings and Events ====
| |
| | | | |
| − | === Monday, September 21, 2009 - Ryan Barnett<br/>The Web Hacking Incident Database (WHID) - 2009 Analysis ===
| + | Common defenses for reducing the associated risk will also be discussed, including Wireless Intrusion Detection & Prevention Systems, 802.1X Port Access Control for robust mutual authentication and security awareness |
| | + | training. |
| | | | |
| − | '''Room opens at 5:30 PM Central Time, speaker at 6:30 PM Central Time, meeting location TBD''' | + | '''Speaker:''' George Chatzisofroniou (@_sophron) is a security engineer at CENSUS S.A. His research interests include cryptography, Wi-Fi hacking, network security and web security. He is the lead developer of the popular open-source wireless hacking tool "Wifiphisher". |
| | | | |
| − | ''' Preview''' | + | '''Location:''' Best Buy - Headquarters 7601 Penn Ave S, Richfield, MN (Use the Visitor parking off Penn and the Visitor Entrance) |
| | | | |
| − | The [http://www.webappsec.org/projects/whid/ Web Hacking Incident Database (WHID)] (MSNBC news segment with WHID splash [http://www.msnbc.msn.com/id/3032619/ns/nightly_news_with_brian_williams-nightly_news_with_brian_williams/#32467751 here]) is a [http://www.webappsec.org/ Web Application Security Consortium] project dedicated to maintaining a list of web application related security incidents. WHID's goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web application security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from January 2009 - August 2009 and provide insight into categories such as: 1) Top Attack Methods, 2) Top Compromise Outcomes, 3) Top Target Geographic Region, and 4) Top Vertical Markets Hit. The presenter will also provide some in depth analysis for emerging threats/attack techniques such as planting of malware on websites and reflected cross-site scripting through SQL injection.
| + | '''RSVP:''' |
| | | | |
| − | ''' Speaker Bio'''
| + | at Eventbrite [http://bit.ly/1TaCKb8] |
| | | | |
| − | Ryan Barnett is the Director of Application Security Research at [http://www.breach.com/ Breach Security] where he leads [http://www.breach.com/resources/breach-security-labs/index.html Breach Security Labs]. He is a Member of the Web Application Security Consortium (WASC) where he leads the [http://projects.webappsec.org/Distributed-Open-Proxy-Honeypots Distributed Open Proxy Honeypot Project]. He is also the leader of the OWASP ModSecurity Core Rule Set (CRS) Project ([[:Category:OWASP ModSecurity Core Rule Set Project]]) which provides web application firewall rules to the public. Mr. Barnett is a frequent speaker at industry conferences such as [http://www.blackhat.com/ Black Hat] and he has also authored a web security book for Pearson Publishing titled [http://www.pearsonhighered.com/educator/product/Preventing-Web-Attacks-with-Apache/9780321321282.page Preventing Web Attacks with Apache].
| + | '''Agenda:''' <br/> |
| | + | 5:30 PM Room opens for networking and CPE signup<br/> |
| | + | 6:00 PM Welcome: OWASP chapter update and Chapter Presentation<br/> |
| | + | 7:45 PM Wrap-up<br/> |
| | + | --> |
| | + | <!-- Thank You OWASP Chapter Budget for sponsoring our meeting location. --> |
| | | | |
| − | === Stay Updated ===
| + | <!-- '''Follow''' OWASP MSP on your favorite social media sites: |
| | | | |
| − | '''[https://lists.owasp.org/mailman/listinfo/owasp-twincities Click here to join the local chapter mailing list]'''
| |
| − |
| |
| − | '''Follow''' OWASP MSP on your favorite social media sites:
| |
| | | | |
| | [[Image:Linkedin_mini.png|link=http://www.linkedin.com/groupInvitation?groupID=2184116]] | | [[Image:Linkedin_mini.png|link=http://www.linkedin.com/groupInvitation?groupID=2184116]] |
| − | [[Image:Twitter_mini.png|link=http://twitter.com/owaspmsp]] [[Image:Facebook_mini.png|link=http://www.facebook.com/pages/OWASP-Minneapolis-St-Paul-OWASP-MSP-OWASPMSP/113583361381]] [[Image:Digg_mini.png|link=http://digg.com/users/owaspmsp]] [[Image:Delicious_mini.png|link=http://delicious.com/owaspmsp]] [[Image:Reddit_mini.png|link=http://www.reddit.com/user/owaspmsp]] [[Image:Myspace_mini.png|link=http://www.myspace.com/owaspmsp]] | + | [[Image:Twitter_mini.png|link=http://twitter.com/owaspmsp]] [[Image:Facebook_mini.png|link=http://www.facebook.com/pages/OWASP-Minneapolis-St-Paul-OWASP-MSP-OWASPMSP/113583361381]] |
| | | | |
| | + | <br> --> |
| | | | |
| − | '''Share''' OWASP MSP on your favorite social media sites:
| |
| | | | |
| − | [[Image:Linkedin_mini.png|link=http://www.linkedin.com/shareArticle?mini=true&url=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&title=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page&summary=Official%20OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20home%20page.%20Video%2C%20audio%2C%20slides%2C%20and%20other%20information%20on%20previous%20and%20upcoming%20chapter%20meetings%2C%20events%2C%20and%20conferences.&source=OWASPMSP]]
| |
| − | [[Image:Twitter_mini.png|link=http://twitter.com/home?status=Checking%20out%20OWASP%20MSP%20at%20http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul.]] [[Image:Facebook_mini.png|link=http://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&t=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page]] [[Image:Digg_mini.png|link=http://digg.com/submit?phase=2&url=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&title=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page&bodytext=Official%20OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20home%20page.%20Video%2C%20audio%2C%20slides%2C%20and%20other%20information%20on%20previous%20and%20upcoming%20chapter%20meetings%2C%20events%2C%20and%20conferences.]] [[Image:Delicious_mini.png|link=http://del.icio.us/post?url=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&title=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page]] [[Image:Reddit_mini.png|link=http://reddit.com/submit?url=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&title=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page]] [[Image:Myspace_mini.png|link=http://www.myspace.com/Modules/PostTo/Pages/?l=1&u=http%3A%2F%2Fwww.owasp.org%2Findex.php%2FMinneapolis_St_Paul&t=OWASP%20Minneapolis-St.%20Paul%20(OWASP%20MSP)%20Home%20Page]]
| |
| | | | |
| − | === Secure360 === | + | <!-- = Media and Documents = --> |
| − | [http://www.secure360.org/ Secure360] is an annual | + | <!-- |
| − | conference providing high quality educational sessions and networking
| + | Videos of past meetings are available at the [[OWASPMSP Videos]] node, the [http://vimeo.com/channels/owaspmsp OWASP MSP Vimeo Channel], and [http://vimeo.com/owasp http://vimeo.com/owasp]. |
| − | opportunities while working to identify developing trends in risk
| + | --> |
| − | management, physical security, governance, audit, information security,
| + | <!-- === Content === --> |
| − | contingency planning and human capital.
| |
| | | | |
| − | === DC612 Meetings ===
| |
| − | DC612 meets the 2nd Thursday of the month<br />
| |
| − | http://www.dc612.org/
| |
| | | | |
| − | ==== Video/Audio/Slides/Handouts ====
| |
| | | | |
| − | Videos of several past meetings are available at https://www.owasp.org/index.php/Category:OWASP_Video#Videos | + | <!-- You can find our Chapter Videos at https://vimeo.com/user56799697 --> |
| | | | |
| − | === Most Recent Content ===
| |
| | | | |
| − | Robert Sullivan - Open This First: A job-oriented guide to software security resources - OWASP (MSP) - 27 July 2009 (68 minutes) [http://www.comotheory.com/owasp/20090727-Robert_Sullivan-Open_This_First_-_A_job-oriented_guide_to_software_security_resources.mp3 MP3] | [[Media:20090727-Robert_Sullivan-Open_This_First_-_A_job-oriented_guide_to_software_security_resources.pdf|PDF]] | [http://www.comotheory.com/owasp/20090727-Robert_Sullivan-Open_This_First_-_A_job-oriented_guide_to_software_security_resources.mp4 MP4...please right click and save] | [http://mspsullivan.home.mchsi.com More Material]
| |
| | | | |
| − | Cassio Goldschmidt - Tracking the Progress of an SDL Program: Lessons from the Gym - OWASP (MSP) - 29 June 2009 (55 minutes) [http://www.slideshare.net/webappsecguy/tracking-the-progress-of-an-sdl-program-lessons-from-the-gym-1684512 Slidecast] | [http://www.comotheory.com/owasp/20090629-Cassio_Goldschmidt-Tracking_the_Progress_of_an_SDL_Program_-_Lessons_from_the_Gym.mp3 MP3] | [[Media:20090629-Cassio_Goldschmidt-Tracking_the_Progress_of_an_SDL_Program_-_Lessons_from_the_Gym.pptx| PPTX]] | [http://www.comotheory.com/owasp/20090629-Cassio_Goldschmidt-Tracking_the_Progress_of_an_SDL_Program_-_Lessons_from_the_Gym.mp4 MP4...please right click and save]
| + | <!-- |
| | + | Igor Matlin - Warning: Security Storms are Brewing in Your JavaScript - OWASP (MSP) - May 2015 |
| | | | |
| − | Gunnar Peterson - OWASP Top Ten Web Services - OWASP (MSP) - 27 April 2009 (1 hour, 27 minutes) [http://www.comotheory.com/owasp/20090427-Gunnar_Peterson_-_OWASP_Top_Ten_Web_Services.mp4 MP4...please right click and save] | Slides Forthcoming
| + | Gene Kim - Rugged DevOps - OWASP (MSP) - 7 November 2011 (61 minutes) [http://vimeo.com/36342207 Vimeo Video] |
| | | | |
| − | Dan Cornell - Vulnerability Management in an Application Security World - OWASP (MSP) - 16 March 2009 (1 hour, 52 minutes) [http://video.google.com/videoplay?docid=3200887090385342211&hl=en Google Video] | [[Media:VulnerabilityManagementInAnApplicaitonSecurityWorld_OWASPMSP_20090316.pdf|PDF]]
| + | Michael Coates - Attack Aware Applications (AppSensor) - OWASP (MSP) - 18 April 2011 (75 minutes) [https://owasp.webex.com/owasp/ldr.php?AT=pb&SP=MC&rID=87764002&rKey=14191b8f8c73dabc WebEx Replay] |
| | | | |
| − | Rick Ensenbach - Proactive Lifecycle Security Management - OWASP (MSP) - 16 February 2009 (69 minutes) [http://video.google.com/videoplay?docid=2838721966098123222&hl=en Part 1 Google Video] | [http://video.google.com/videoplay?docid=1766766374336659744&hl=en Part 2 Google Video] | [[Media:Proactive_Lifecycle_Security_Management_Presentation_for_OWASP_Mpls-Stp_Chapter_Meeting_-_2-16-09.ppt|PPT]] | [[Media:Generic_System_Security_Plan.doc|Handout: Service/System Security Plan template (DOC)]]
| + | Dan Cornell - Smart Phones, Dumb Apps - OWASP (MSP) - 7 December 2010 (93 minutes) [http://vimeo.com/17692646 Vimeo Video] |
| | | | |
| − | ==== Previous Events ====
| + | Gunnar Peterson - Audit Logging Done Right - OWASP (MSP) - 20 September 2010 (55 minutes) [http://vimeo.com/15423426 Vimeo Video] |
| | | | |
| − | === OWASP Minneapolis-St. Paul 2009 Half Day Conference - August 24, 2009 ===
| + | Dinis Cruz - How OWASP Works - OWASP (MSP) - 10 August 2010 (55 minutes) [http://vimeo.com/14343350 Vimeo Video] |
| | | | |
| − | Thanks again for another year to all who joined us for '''[[OWASP Minneapolis St Paul 2009_Conference | an afternoon of information security presentations on August 24, 2009]]''' at the [http://www1.umn.edu/twincities/maps/StCen/StCen-map.html St. Paul Student Center] [http://www.spsc.umn.edu/about/directory/lower.php Auditorium/Theater] on the [http://www1.umn.edu/twincities/index.php University of Minnesota - Twin Cities] campus. '''Audio, video, and slides to be posted soon.'''
| + | Dinis Cruz - O2 - OWASP (MSP) - 10 August 2010 (110 minutes) [http://vimeo.com/14392060 Vimeo Video] |
| | + | --> |
| | | | |
| − | === OWASP & FLOSS Application Security Mini-Conference 2008 - October 21, 2008 === | + | = Security Associates = |
| | | | |
| − | Thanks to all who joined us on October 21, 2008 for a '''[[OWASP_Minneapolis_St_Paul_2008_Conference | mini conference in October 2008]]''' at University of Minnesota's Saint Paul campus. Our first conference was a great success, with around 150 people attending! We were fortunate to have even higher attendance in 2009.
| + | === Secure360 === |
| | | | |
| − | ==== Chapter Leaders/Contacts ====
| + | [http://www.secure360.org/ Secure360] is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital. |
| − | '''President:''' [mailto:adam.baso@owasp.org Adam Baso]
| |
| | | | |
| − | | + | === DC612 Meetings === |
| | | | |
| − | '''Board Member and Former OWASP MSP President:''' [mailto:kuai.hinojosa@owasp.org Kuai Hinojosa] | + | DC612 meets the 2nd Thursday of the month.<br> [http://www.dc612.org/ http://www.dc612.org/] |
| | + | = Chapter Contacts = |
| | + | |
| | + | |
| | + | <!-- |
| | + | '''Leadership Team:''' [mailto:lorna.alamri@owasp.org Lorna Alamri] |
| | + | --> |
| | | | |
| − | '''Board Member and Former OWASP MSP President:''' Robert Sullivan
| + | <headertabs /> |
| | | | |
| − | '''Board Member:''' David Bryan
| + | {{Social Media Links}} |
| − | <headertabs/>
| |
| | | | |
| | [[Category:Minnesota]] | | [[Category:Minnesota]] |
Welcome to the Minneapolis-St. Paul (OWASP MSP) chapter homepage. The chapter leadership Alex Bauert.
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
