This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Sacramento"

From OWASP
Jump to: navigation, search
Line 21: Line 21:
 
* Free copy of the Scuba Database vulnerability scanning tool to help you analyze and identify database vulnerabilities, mis-configurations,  unpatched software, unsafe processes, and weak passwords: the high risk security vulnerabilities that expose your databases to attack.   
 
* Free copy of the Scuba Database vulnerability scanning tool to help you analyze and identify database vulnerabilities, mis-configurations,  unpatched software, unsafe processes, and weak passwords: the high risk security vulnerabilities that expose your databases to attack.   
 
    
 
    
SPEAKER BIO: Ryan Barnett – Director of Application Security Training    
+
SPEAKER BIO:   
  
 
Shan Zhou joined Imperva in 2005 and serves as Security Engineer Manager for the Western United States.  Shan has been involved in and is responsible for architecture, design, and implementation of Imperva’s largest customers.
 
Shan Zhou joined Imperva in 2005 and serves as Security Engineer Manager for the Western United States.  Shan has been involved in and is responsible for architecture, design, and implementation of Imperva’s largest customers.

Revision as of 19:21, 23 May 2008

OWASP Sacramento

Welcome to the Sacramento chapter homepage. The chapter leader is Matt Petteys


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Charter

The Sacramento OWASP Chapter promotes the principles of OWASP in our local community with an emphasis on education, local networking opportunities, and fun.

Next Meeting - JUNE 26th

The next OWASP Sacramento meeting will be on Thursday June 26th at 6pm. The topic of this meeting will be Database security. This meeting will be hosted at EDS Medi-Cal in Rancho Cordova, CA. Food, beverage, and the presentation will be provided by Imperva.

Please use the online RSVP form below or contact Mpetteys at caiso.com by 6/19/08 if you plan to attend.

http://fs2.formsite.com/mpetteys/form790760465/index.html

TOPIC

The presentation will be a live, educational demo to demonstrate and facilitate discussion of the top Database Security vulnerabilities. Corporate databases contain the crown jewels of an organization, which means a break-in, by insiders or outsiders, can cost millions in fines, lawsuits, and customer attrition. The good news is there are commonly used methods to attack databases. Attend this event to see a live Database hacking demonstration of SQL Injection and several other DB attacks.

  • Understand the most prominent database security threats and how they are carried out
  • Know how to assess and mitigate database threats
  • Have a blueprint for implementing a comprehensive database protection
  • Free copy of the Scuba Database vulnerability scanning tool to help you analyze and identify database vulnerabilities, mis-configurations, unpatched software, unsafe processes, and weak passwords: the high risk security vulnerabilities that expose your databases to attack.

SPEAKER BIO:

Shan Zhou joined Imperva in 2005 and serves as Security Engineer Manager for the Western United States. Shan has been involved in and is responsible for architecture, design, and implementation of Imperva’s largest customers.

Previously, Shan held similar positions at Sourcefire, the world leader in intrusion prevention technology. Sourcefire grew from an open source startup to raising $86 million dollars in its IPO. Prior to Sourcefire, Shan worked as Global Accounts Systems Engineer at Check Point Software Technologies, integrating Check Point’s security solutions into Fortune 50 companies worldwide.

Shan attended Drexel University majoring in Electrical Engineering. He also participates in various application and network security organizations.

  • LOCATION INFORMATION: Upon arriving at the main entrance, please ask for Robert Grill, office: 916-636-4392, cell: 916-997-9892. Any problems, please contact Matt Petteys, 916-873-4716
    EDS Medi-Cal (map)
    3215 Prospect Park Drive
    Rancho Cordova , CA
    95670

Local News

2008-04-03: Ryan C. Barnett from Breach Security presented "Passive Web Application Defect Identification"

2007-08-02: OWASP Sacramento is requesting votes for the preferred March topic using the following URL. OWASP Sacramento March Topic Survey. This meeting will be sponsored by Breach Security.

2007-11-29: Roman Hustad from Foundstone presented "Web Application Hacking" to over 40 attendees.

2007-10-01: We have rescheduled the next meeting for November 29th 2007. Please contact Matt Petteys with questions or suggestions.

2007-08-30: Barmak Meftah from Fortify Software presented "Hack proof your Service-Oriented Architecture" to 15 attendees.

2007-07-15: We have rescheduled the next meeting for August 30th 2007. Please contact Matt Petteys with questions or suggestions.

2007-07-01: OWASP Sacramento is requesting comments on future topics using the following URL. OWASP Sacramento Topic Survey

2006-06-27: OWASP Sacramento is planning a public presentation in late August 2007. Contact the chapter leader with questions or suggestions.

2006-05-18: OWASP Moves to MediaWiki Portal - 16:09, 18 May 2006 (EDT)

OWASP is pleased to announce the arrival of OWASP 2.0!

OWASP 2.0 utilizes the MediaWiki portal to manage and provide the latest OWASP related information. Enjoy!