
Difference between revisions of "Bay Area"

(Agenda)
(Speakers)
Line 21: Line 21:
 
==Speakers==
 
==Speakers==
  
'''Back to the Future - Phishing and Malware''' by Brendan O’Conner, Saleforce.com
+
Presentation
 +
This presentation will detail auditing and development techniques for exploits that target mobile phones with a heavy emphasis on threats that come from the web.  Windows mobile and Google Android devices that will target the auditing and exploit discovery.
  
Abstract:  The more things change, the more they stay the same. We'll take a trip back in time to look at the phishing and anti-malware solutions of the past.  Why did they fail?  With companies investing hundreds of thousands of dollars  or more in these solutions, what does the future of this space look like and what tricks can you apply to stay one step ahead?
+
About the Speaker
 +
Mr. Maynor has a strong background in application security, reverse engineering and exploit development. Before joining Accuvant, Dave cofounded Errata Security - a think tank organization that specializes in rapid application development and security research. Prior to Errata, Dave was the Senior Researcher for Secureworks and a research engineer with the ISS X-Force R&D team. A well recognized personality in the information security world, Dave is a popular author and has been featured in multiple publications over the last several years including Fox News, CNN, the Associated Press, Security Focus and a multitude of other information security news sources. Dave has been both a primary and contributing author to several industry leading security books including: Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, Syngress Force Emerging Threat Analysis: From Mischief to Malicious, and War Driving and Wireless Penetration Testing.
 +
Presentation
  
Bio:  Brendan O'Connor is originally from the Midwest , currently residing in the Bay Area as a security engineer .  He worked in security for a communications company for four years before switching to the financial sector in 2004 and onto Software as a Service in 2008Brendan currently works on the Product Security team at Salesforce.com, where his duties include vulnerability research, security architecture, and application security.
+
Analyzing Web Malware
 +
In this presentation, the state of Internet security will be discussed and some of the techniques and tools used to analyze Javascript will be reviewedThere will be a use case review of gumblar.cn, which successfully injected redirects into upwards of 3,000 websites.
  
'''Testing Methodologies:  White-box, Gray-Box, Black-box or Something Else''' by Kirk Greene, Accuvant
+
Speaker
 
+
Jeremy Brotherton - Websense
Abstract:  In this presentation we will discuss the different testing methodologies used when assessing the security of both binary applications as well as web-based applications. We will focus on the differences and advantages as they relate to black-box testing, white-box testing, gray-box testing, reverse engineering, and fuzzing. Unfortunately there is no one testing methodology that provides the best balance of time and accuracy for every application, in this talk we will provide metrics for helping decide what methodology should be used for what types of applications.
 
 
 
Bio:  Kirk has been providing security consulting services for over a decade. Through that time Kirk has served clients in a variety of industries including federal and local government, healthcare, financial services, telecommunications, e-Commerce, fuel and natural gases, manufacturing, application service providers, gaming, Internet start-ups, and Internet service providers. In his tenure with Accuvant, Kirk has performed a variety of consulting and managerial responsibilities from developing and performing financial institution regulation audits to managing performing enterprise assessments for multi-national corporations. Kirk is a Certified Information Systems Security Professional (CISSP), ISS Certified Engineer, PCI Qualified Data Security Professional (QDSP), Qualified Payment Application Security Professional (QPASP).
 
  
 
==RSVP==
 
==RSVP==
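
Review bot: The first added entry under ==Speakers== has no talk title and no speaker line. It opens with a bare "Presentation" heading and the bio says only "Mr. Maynor" and "Dave", while the second entry gives "Analyzing Web Malware" and "Jeremy Brotherton - Websense". Add the title and a "Speaker" line with the full name and affiliation so the two entries match. The added sentence "Windows mobile and Google Android devices that will target the auditing and exploit discovery." has no main verb and should be reworded. The removed entries marked talk titles with ''' bold markup; the added ones are plain lines, so consider keeping that markup for "Analyzing Web Malware" and the first talk's title.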

Revision as of 17:37, 2 June 2009

OWASP Bay Area

Welcome to the Bay Area chapter homepage.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter Leader Handbook. As a 501(c)(3) non-profit professional association, your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world, simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Donate to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now


Local News


Chapter Meetings

Date and Location

  March 18th @ 6PM - Gap Inc
  Conference Center C
  2 Folsom Street,
  San Francisco, CA 94105

OWASP Bay Area will host its next meeting at Gap Inc in San Francisco on Wednesday, March 18th. As usual, attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security.

Special thanks to Gap Inc for hosting this event and to ___, ___ for sponsoring.

OWASP Meeting: Monday, June 22nd, 5:30 pm, San Francisco Federal Reserve Bank Office

Speakers

Presentation

This presentation will detail auditing and development techniques for exploits that target mobile phones, with a heavy emphasis on threats that come from the web. The auditing and exploit discovery will target Windows Mobile and Google Android devices.

About the Speaker

Mr. Maynor has a strong background in application security, reverse engineering and exploit development. Before joining Accuvant, Dave cofounded Errata Security, a think tank organization that specializes in rapid application development and security research. Prior to Errata, Dave was the Senior Researcher for Secureworks and a research engineer with the ISS X-Force R&D team. A well-recognized personality in the information security world, Dave is a popular author and has been featured in multiple publications over the last several years, including Fox News, CNN, the Associated Press, Security Focus and a multitude of other information security news sources. Dave has been both a primary and contributing author to several industry-leading security books, including: Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research; Syngress Force Emerging Threat Analysis: From Mischief to Malicious; and War Driving and Wireless Penetration Testing.

Presentation

Analyzing Web Malware

In this presentation, the state of Internet security will be discussed and some of the techniques and tools used to analyze JavaScript will be reviewed. There will be a use case review of gumblar.cn, which successfully injected redirects into upwards of 3,000 websites.

Speaker

Jeremy Brotherton - Websense

RSVP

REGISTER EARLY AS SEATING IS LIMITED

Please RSVP at http://bayareaowasp.eventbrite.com

Bay Area Past Events


Bay Area OWASP Chapter Leaders