
Difference between revisions of "Los Angeles"


Revision as of 23:21, 3 October 2014

Welcome to the Los Angeles Chapter!

Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission.

Get the following benefits:

- Meet upwards of 70-110 potential new clients
- Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site
- Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting
- Have a table at the local chapter meeting
- Promote your products and services
- Bring a raffle prize to gather business cards

Contact us (see the Los Angeles Chapter section) for general questions relating to sponsorship and donations.

Participation

OWASP Foundation is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter Leader Handbook. As a 501(c)(3) non-profit professional association, your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world, simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related security topic you would like to present on.

Announcements

AppSec California is back at the Annenberg Beach House January 26-28, 2015. Sign up NOW, before prices go up!


OWASP Los Angeles received the BEST Chapter Leaders award at AppSec USA NY


We are on Meetup (OWASP-Los-Angeles). Please join our community here.

If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/


Become an OWASP Member TODAY

Support your LA Chapter: only $50 for the entire year!
https://www.owasp.org/index.php/Individual_Member



Next OWASP Meeting

**NOTE: Please review NEW parking rules (@meetup.com) for our monthly meetings at Symantec as of 7/22/2014 **

Oct 22, 2014 @7pm Symantec Corporation, 900 Corporate Pointe, Culver City, CA

   Topic: Breaking the Security of a SaaS Offering 
   Speaker: Stan Borinski, CISSP, CISA 

During the course of this presentation we will examine the results of a penetration-test/vulnerability assessment of a SaaS performed a few months ago. We won't just discuss the results; I will SHOW you how unprotected iframes can lead to clickjacking, what attackers can learn from decompiling your Java code, and how a Java RMI architecture probably isn't suited for a SaaS of this type. We'll discuss the vulnerabilities that come from sloppy HTML/CSS code and developing your own "encryption" algorithm, plus what certificate protection a keystore does and doesn't provide.

Sponsor: TBD

Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings, please submit your BIO and talk abstract via email to Richard Greenberg OR Stuart Schwartz. The talk must be vendor neutral and its content must be available under a Creative Commons 3.0 license.


Upcoming OWASP Meetings


Nov 19, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230

Dec 17, 2014: Holiday Networking Event at the Downtown Daily Grill


January 26-28, 2015: OWASP AppSec California Summit

Other Events





Archives of Previous Meetings

2014 Meetings

2013 Meetings

2012 Meetings

2011 Meetings

2010 Meetings

2009 Meetings

2008 Meetings

Presentation Archive


Los Angeles Chapter

Volunteers: Yev Avidon and Mikhael Felker
OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!


Web archive: http://2010.AppSecUSA.org

Videos: http://vimeo.com/user4863863/videos
