This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Los Angeles"

From OWASP
Jump to: navigation, search
(Saving intermediate edit for Feb 2011. Still need sponser info and picture.)
Line 1: Line 1:
 
== Local News  ==
 
== Local News  ==
  
===== Sign up for OWASP Los Angeles mailing list, very low volume and spam free. =====
+
===== Sign up for OWASP Los Angeles mailing list, very low volume and spam free. =====
  
===== https://lists.owasp.org/mailman/listinfo/owasp-losangeles =====
+
===== https://lists.owasp.org/mailman/listinfo/owasp-losangeles =====
  
<br> The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!  
+
<br>The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!  
  
 
http://2010.AppSecUSA.org  
 
http://2010.AppSecUSA.org  
  
Check out the videos: http://vimeo.com/user4863863/videos<br>  
+
Check out the videos: http://vimeo.com/user4863863/videos<br>
  
[[Image:AppSec Logo.jpg|362x106px]]  
+
[[Image:AppSec Logo.jpg|362x106px|AppSec Logo.jpg]]  
  
 
==  ==
 
==  ==
  
== Next&nbsp;Chapter Meeting:&nbsp; Wednesday, January 26, 2011 7:00 P.M. <br> ==
+
== Next&nbsp;Chapter Meeting:&nbsp; Wednesday,&nbsp;Feburary 23, 2011 7:00 P.M. <br> ==
  
=== '''Note New Meeting Day: 4th Wednesday of Each Month '''  ===
+
=== '''Note New Meeting Day: 4th Wednesday of Each Month'''  ===
  
We will be meeting at our usual place: Symantec Corporation in Culver City: <br>900 Corporate Pointe<br> Culver City, CA 90230<br>(424)750-7000  
+
We will be meeting at our usual place: Symantec Corporation in Culver City: <br>900 Corporate Pointe<br>Culver City, CA 90230<br>(424)750-7000  
  
 
  Please RSVP: http://owasp-jan2011.eventbrite.com/
 
  Please RSVP: http://owasp-jan2011.eventbrite.com/
Line 29: Line 29:
 
----
 
----
  
== '''Topic: Evercookie'''<br> ==
+
== '''Topic: When Databases Attack'''<br> ==
  
== '''Speaker: Samy Kamkar'''&nbsp; [[Image:SamyKamkar.jpg]]<br> ==
+
== '''Speaker: Scott Sutherland'''&nbsp; <br> ==
  
Samy Kamkar is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws), and worked for Penn State University developing AI-based psychometric personality assessment software.  
+
Scott Sutherland is a Senior Security Consultant responsible for the development and management of penetration test services at NetSPI, which is a security services company based in Minneapolis. His role includes researching and developing tools, techniques, and methodologies used during network and application penetration tests. Scott has ten years of IT consulting experience. Six of which have been focused on providing security services. Additionally, Scott presented at the National OWASP AppSec 2010 Conference and the local Security BSidesMSP conferences in the last year.<br>
  
In the past 10 years, Samy has focused on evolutionary and genetic algorithmic software development, Voice over IP software development, automated security and vulnerability research in network security, reverse engineering, and network gaming. When not strapped behind the Matrix, Samy can be found stunt driving, getting involved in local community service projects, and continuing his focus on staying out of jail.
+
== '''Abstract: Database Security in the Real World'''<br> ==
  
<br>  
+
This presentation will provide an overview of the common threats and vectors that are leveraged by real world attackers to gain unauthorized access to high value databases. It is well understood that high value databases support critical applications and store sensitive information, but they can also be used to escalate privileges in Windows environments and propagate botnets across the internet. This presentation will provide developers and system administrators with a better understanding of how those attacks are conducted.<br>
  
== '''Abstract: Evercookie: the Persistent Cookie'''<br>  ==
+
<br>
 
 
Evercookie is a JavaScript API that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they have removed standard cookies, Flash cookies Local Shared Objects or LSOs), and others.
 
 
 
Evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.
 
 
 
'''You can read more about Samy and Evercookie at http://samy.pl/evercookie/'''
 
 
 
<br>
 
 
 
<br>  
 
  
 
== '''Sponsor:'''&nbsp;  ==
 
== '''Sponsor:'''&nbsp;  ==
  
'''<span style="font-style: italic;">IBM Rational Software</span>'''''<br>''
+
'''<br>
 
 
<span style="font-style: italic;">http://www-01.ibm.com/software/rational/</span><br>  
 
  
 
----
 
----
  
<br>  
+
<br>
  
 
Would you like to speak at an OWASP Los Angeles Meeting?  
 
Would you like to speak at an OWASP Los Angeles Meeting?  

Revision as of 21:18, 18 February 2011

Local News

Sign up for OWASP Los Angeles mailing list, very low volume and spam free.
https://lists.owasp.org/mailman/listinfo/owasp-losangeles


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!

http://2010.AppSecUSA.org

Check out the videos: http://vimeo.com/user4863863/videos

AppSec Logo.jpg

Next Chapter Meeting:  Wednesday, Feburary 23, 2011 7:00 P.M.

Note New Meeting Day: 4th Wednesday of Each Month

We will be meeting at our usual place: Symantec Corporation in Culver City:
900 Corporate Pointe
Culver City, CA 90230
(424)750-7000 

Please RSVP: http://owasp-jan2011.eventbrite.com/

<paypal>Los Angeles</paypal>

Topic: When Databases Attack

Speaker: Scott Sutherland 

Scott Sutherland is a Senior Security Consultant responsible for the development and management of penetration test services at NetSPI, which is a security services company based in Minneapolis. His role includes researching and developing tools, techniques, and methodologies used during network and application penetration tests. Scott has ten years of IT consulting experience. Six of which have been focused on providing security services. Additionally, Scott presented at the National OWASP AppSec 2010 Conference and the local Security BSidesMSP conferences in the last year.

Abstract: Database Security in the Real World

This presentation will provide an overview of the common threats and vectors that are leveraged by real world attackers to gain unauthorized access to high value databases. It is well understood that high value databases support critical applications and store sensitive information, but they can also be used to escalate privileges in Windows environments and propagate botnets across the internet. This presentation will provide developers and system administrators with a better understanding of how those attacks are conducted.


Sponsor: 


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Tin Zaw. When we accept your talk, it will be required to use the Powerpoint OWASP Template.

Archives of Previous Meetings

A list of previous presentations conducted at the Los Angeles Chapter can be found here.

Los Angeles Chapter

Retrieved from "https://wiki.owasp.org/index.php?title=Los_Angeles&oldid=105439"