This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Los Angeles"
(→Next OWASP Meeting) |
(→Oct 22, 2014 @7pm Symantec Corporation 900 Corporate Pointe , Culver City, CA) |
||
Line 56: | Line 56: | ||
'''Speaker: Stan Borinski, CISSP, CISA''' | '''Speaker: Stan Borinski, CISSP, CISA''' | ||
During the course of this presentation we will examine the results of a penetration-test/vulnerability assessment of a SaaS performed a few months ago. We won't just discuss the results; I will SHOW you how unprotected iframes can lead to clickjacking, what attackers can learn from decompiling your Java code, and how a Java RMI architecture probably isn't suited for a SaaS of this type. We'll discuss the vulnerabilities that come from sloppy HTML/CSS code and developing your own "encryption" algorithm, plus what certificate protection a keystore does and doesn't provide. | During the course of this presentation we will examine the results of a penetration-test/vulnerability assessment of a SaaS performed a few months ago. We won't just discuss the results; I will SHOW you how unprotected iframes can lead to clickjacking, what attackers can learn from decompiling your Java code, and how a Java RMI architecture probably isn't suited for a SaaS of this type. We'll discuss the vulnerabilities that come from sloppy HTML/CSS code and developing your own "encryption" algorithm, plus what certificate protection a keystore does and doesn't provide. | ||
− | |||
− | |||
<br> | <br> | ||
Revision as of 23:21, 3 October 2014
- 1 Welcome to the Los Angeles Chapter!
- 2 Participation
- 3 Announcements
- 4 [1] OWASP-Los-Angeles We are on Meetup. Please join our community here.
- 5 Become an OWASP Member TODAY
- 6 Next OWASP Meeting
- 7 Oct 22, 2014 @7pm Symantec Corporation 900 Corporate Pointe , Culver City, CA
- 8 Sponsor: TBD
- 9 Would you like to speak at an OWASP Los Angeles Meeting?
- 10 Upcoming OWASP Meetings
- 11 January 26-28, 2015 OWASP AppSec California Summit -
- 12 Other Events
- 13 Archives of Previous Meetings
- 14 Los Angeles Chapter
Welcome to the Los Angeles Chapter!
Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission
Get the following benefits::
- Meet upwards of 70-110 potential new clients - Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site - Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting. - Have a table at local chapter meeting - Promote your products and services - Bring a raffle prize to gather business cards
Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations
Participation
OWASP Foundation is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related security topic you would like to present on.
Announcements
AppSec California is back at the Annenberg Beach House January 26-28, 2015. Sign up NOW, before prices go up!
OWASP Los Angeles received the BEST Chapter Leaders award at AppSec USA NY
[1] OWASP-Los-Angeles
We are on Meetup. Please join our community here.If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year!
https://www.owasp.org/index.php/Individual_Member
Next OWASP Meeting
Oct 22, 2014 @7pm Symantec Corporation 900 Corporate Pointe , Culver City, CA
Topic: Breaking the Security of a SaaS Offering Speaker: Stan Borinski, CISSP, CISA
During the course of this presentation we will examine the results of a penetration-test/vulnerability assessment of a SaaS performed a few months ago. We won't just discuss the results; I will SHOW you how unprotected iframes can lead to clickjacking, what attackers can learn from decompiling your Java code, and how a Java RMI architecture probably isn't suited for a SaaS of this type. We'll discuss the vulnerabilities that come from sloppy HTML/CSS code and developing your own "encryption" algorithm, plus what certificate protection a keystore does and doesn't provide.
Sponsor: TBD
Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg OR Stuart Schwartz. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.
Upcoming OWASP Meetings
Nov 19, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230
Dec 17, 2014: Holiday Networking Event at the Downtown Daily Grill
January 26-28, 2015 OWASP AppSec California Summit -
Other Events
Archives of Previous Meetings
Los Angeles Chapter
- Richard Greenberg -- Chapter Leader and President
- Tin Zaw -- Board Member
- Edward Bonver -- Board Member
- Mike Francis -- Board Member
- Stuart Schwartz -- Board Member
- Aaron Guzman -- Board Member
- Dave Wettenstein -- Board Member
Volunteers: Yev Avidon and Mikhael Felker
OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.
The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!
Web archive: http://2010.AppSecUSA.org