Difference between revisions of "San Antonio"

Revision as of 15:05, 6 October 2008

1 OWASP San Antonio
2 Participation
3 Sponsorship/Membership
4 Local News

OWASP San Antonio

Welcome to the San Antonio chapter homepage. The chapter leader is Dan Cornell

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

San Antonio OWASP Chapter: October 2008 Meeting

Topic: Ensuring System Security Using Data Flow Analysis

Presenter: Price, Senior Research Engineer at Southwest Research Institute (SwRI)

Date: October 22,2008 11:30am – 1:00pm

Location:

San Antonio Technology Center (Web Room) 3463 Magic Drive San Antonio, TX 78229 http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract:

Ensuring computer system security using user defined policies is a difficult problem. One approach that is currently being researched is the application of system-level data flow analysis to ensure malicious code cannot infiltrate the system.

The data flow analysis involved with ensuring system security needs two levels of granularity: inter-process data flow analysis and intra-process data flow analysis. The University of Texas at Austin Department of Computer Science has created a Dynamic Data Flow Analysis (DDFA) tool that implements intra-process data flow analysis. Purdue University has created a Process Coloring (PC) system that implements the inter-process data flow analysis. Southwest Research Institute is working with both universities to integrate the PC and DDFA technologies to implement the system level data flow analysis solution. This talk will focus on technical details of the two different technologies and will detail example security scenarios that can be solved using these technologies.

Presenter Bio:

Jeremy Price is a Senior Research Engineer at Southwest Research Institute (SwRI). During his nine year tenure at SwRI, Mr. Price has worked on projects as varied as embedded systems, video compression, network data acquisition, and software defined radios. Most recently, Mr. Price has been leading a research effort funded by the Intelligence Advanced Research Projects Activity (IARPA) that focuses on system-level data flow analysis for the purpose of securing computer systems. Mr. Price's real love in the realm of computer engineering is getting his hands dirty working with the digital bits at the embedded system level.

Please RSVP: E-mail [email protected] or call (210) 572-4400.

Previous News

The slide deck from OWASP San Antonio September 2007 meeting available online here: File:Fortify-bjenkins-AppSecStrategy-20070906.pdf.

The slide deck from OWASP San Antonio March 2007 meeting will be available online shortly

The slide deck from OWASP San Antonio September 2006 meeting available online here: File:OWASPSanAntonio 2006 09 AgileAndSecure.pdf.

The slide deck from OWASP San Antonio August 2006 meeting available online here: File:OWASPSanAntonio 2006 08 SingleSignOn.ppt.

The slide deck from OWASP San Antonio June 2006 meeting available online here: File:OWASPSanAntonio 2006 06 Crypto Content.pdf.

The slide deck from OWASP San Antonio May 2006 meeting available online here: File:OWASPSanAntonio 2006 05 ForcefulBrowsing Content.pdf.

The slide deck from OWASP San Antonio September 2004 meeting available online here: File:OWASPSanAntonio 20040922.pdf.

Difference between revisions of "San Antonio"

Revision as of 15:05, 6 October 2008

OWASP San Antonio

Participation

Sponsorship/Membership

Local News

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools

@@ Line 3: / Line 3: @@
 == Local News ==
-San Antonio OWASP Chapter: August 2008 Meeting
+San Antonio OWASP Chapter: October 2008 Meeting
-Topic: Django and the OWASP Top 10
+Topic: Ensuring System Security Using Data Flow Analysis
-Presenter: Jarret Raim, Team Consultant at Denim Group, LTD.
+Presenter: Price, Senior Research Engineer at Southwest Research Institute (SwRI)
-Date: August 27,2008 11:30am – 1:00pm
+Date: October 22,2008 11:30am – 1:00pm
 Location:
@@ Line 20: / Line 20: @@
 Abstract:
-Django is a web application framework for Python that is 'for perfectionists with deadlines'. The presentation this week will start with a short introduction to Django, its goals, architecture and theory. It will then move on to the explicit and implicit security features of the framework and how they relate to the OWASP Top 10. No prior knowledge of Django or Python is required.
+Ensuring computer system security using user defined policies is a difficult problem.  One approach that is currently being researched is the application of system-level data flow analysis to ensure malicious code cannot infiltrate the system.
+The data flow analysis involved with ensuring system security needs two levels of granularity: inter-process data flow analysis and intra-process data flow analysis.  The University of Texas at Austin Department of Computer Science has created a Dynamic Data Flow Analysis (DDFA) tool that implements intra-process data flow analysis.  Purdue University has created a Process Coloring (PC) system that implements the inter-process data flow analysis.  Southwest Research Institute is working with both universities to integrate the PC and DDFA technologies to implement the system level data flow analysis solution.  This talk will focus on technical details of the two different technologies and will detail example security scenarios that can be solved using these technologies.
 Presenter Bio:
-Jarret Raim attained his Batchelor's degree in Computer Science from Trinity University here in San Antonio and continued on to get his Master's degree from Lehigh University in Pennsylvania. In addition to doing research in biometric security and honeypot systems, he has worked at Southwest Research Institute on a multiyear enterprise medical application for the government and is now a Team Consultant at Denim Group.
+Jeremy Price is a Senior Research Engineer at Southwest Research Institute (SwRI).  During his nine year tenure at SwRI, Mr. Price has worked on projects as varied as embedded systems, video compression, network data acquisition, and software defined radios.  Most recently, Mr. Price has been leading a research effort funded by the Intelligence Advanced Research Projects Activity (IARPA) that focuses on system-level data flow analysis for the purpose of securing computer systems.  Mr. Price's real love in the realm of computer engineering is getting his hands dirty working with the digital bits at the embedded system level.
 Please RSVP: E-mail [email protected]  or call (210) 572-4400.