Difference between revisions of "San Antonio"

Revision as of 19:04, 27 February 2007

OWASP San Antonio

Welcome to the San Antonio chapter homepage. The chapter leader is Dan Cornell

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

San Antonio OWASP Chapter: March 2007 Meeting

Topic: Web Application Remediation

Presenter: Dan Cornell

Date: March 28th, 11:30am – 1:00pm

Location:

San Antonio Technology Center (Web Room)

3463 Magic Drive

San Antonio, TX 78229

http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract:

What do you do when the dust settles after a web application assessment or penetration test? You know you have applications with vulnerabilities and you know your organization is exposed to risks. How do you go about addressing these risks while still making progress on an already aggressive development schedule? What issues need to be fixed and which can be ignored until later.

This presentation will discuss strategies for organizations remediating vulnerable web applications. It focuses on practical concerns for planning and executing a successful remediation effort.

• Classifying risks and ranking the severity of web application vulnerabilities using tools such as STRIDE and DREAD

• Making challenging tradeoff decisions about which vulnerabilities to address and which risks to live with

• Planning and executing remediation tasks and integrating these with existing project plans and timelines

• Integrating lessons learned from the assessment and remediation back into your organization’s SDLC

Presenter Bio:

Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy providing software development and application security services. He has extensive experience architecting and developing enterprise web applications on a variety of platforms as well as training and mentoring development teams on application security and secure coding techniques. Dan is the creator and primary author of the sprajax open source AJAX security assessment tool. He is an MCSD as well as a Java 2 Certified Programmer.

Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.

Please RSVP: E-mail [email protected] or call (210) 572-4400.

Previous News

The slide deck from OWASP San Antonio September 2006 meeting available online here: File:OWASPSanAntonio 2006 09 AgileAndSecure.pdf.

The slide deck from OWASP San Antonio August 2006 meeting available online here: File:OWASPSanAntonio 2006 08 SingleSignOn.ppt.

The slide deck from OWASP San Antonio June 2006 meeting available online here: File:OWASPSanAntonio 2006 06 Crypto Content.pdf.

The slide deck from OWASP San Antonio May 2006 meeting available online here: File:OWASPSanAntonio 2006 05 ForcefulBrowsing Content.pdf.

The slide deck from OWASP San Antonio September 2004 meeting available online here: File:OWASPSanAntonio 20040922.pdf.