This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Los Angeles

From OWASP
Revision as of 18:38, 6 June 2014 by Mike Francis (talk | contribs)

Jump to: navigation, search

Welcome to the Los Angeles Chapter!

Donatenow.jpg

Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission

Get the following benefits::

- Meet upwards of 60-90 potential new clients
- Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi) 
- Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
- Have a table at local chapter meeting 
- Promote your products and services
- Bring a raffle prize to gather business cards

Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations

Announcements

OWASP Los Angeles received the BEST Chapter Leaders award at AppSec USA NY


logo.png

We are on Meetup. Please join our community there.

If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/


Become an OWASP Member TODAY

Support your LA Chapter: only $50 for the entire year!
https://www.owasp.org/index.php/Individual_Member


2013 December Holiday Party at Daily Grill in LA

Holiday.jpg


Next OWASP Meeting

**NOTE: Date for this event **

7pm June 25, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230

  Topic:  Cashing Out – How Malware is Used to Attack ATMs

Recently a group of 10 criminals were arrested in Mexico for infecting ATMs with malware and, like a scene from a movie, emptying the ATMs of cash. A group of Ukrainian hackers were also arrested in China using another ATM infecting scheme. This talk will discuss recent ATM malware that has been discovered, how it works and how the attackers are leveraging infected ATMs.

Since the proof is in the pudding, Liam will bring a physical, one tonne, ATM for a demonstration of how these threats work in the real world, by dispensing cash via a text message!


  Speaker:   Liam O'Murchu

Liam manages a team of reverse engineers investigating the latest malicious attacks and analyzing cutting edge malware. He was formerly Manager of Security Response Operations for North America at Symantec, where he had responsibility for ensuring immediate response to computer security incidents of all size involving malicious software.


Sponsor: IOActive

IO.JPG

IOActive is the only security consultancy with a global presence and deep expertise that spans hardware, software, and wetware. We secure the Global 1000 in all facets of their enterprise and product portfolios in an era when vulnerabilities are mounting and threats evolve daily. Our team of internationally recognized experts partner with you to solve your toughest security challenges. Core competencies include penetration testing, reverse engineering, code review, social engineering, and hardware security assessments. With expertise far beyond off-the-shelf tools, IOActive conducts in-depth analysis of information systems, software/hardware architecture, and source code using leading information risk management security frameworks and carefully focused threat models.

Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg OR Stuart Schwartz. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.


Upcoming OWASP Meetings

   Topic: TBD
   Speaker: TBD
   Topic: Securing Complex Forms
   Speaker: Jim Manico

The heart of how users interact with a web application is the HTML form submission. A great deal of very sensitive data flows over HTML forms. Securing web form submissions is critical for the construction of a secure web application. Multi-form workflows make securing form submissions even more complicated! This presentation will take you on a journey as untrusted data flows from a form submission into the many layers of a secure web application.

• Review some of the basic threats against web forms • Learn some of the most important defense categories for building secure web forms • Discuss some of the more complex aspects to form construction, such as workflow


   Topic: Securing the SDLC in the real world
   Speaker: Jim Manico 

The earlier you address security in the engineering of software, the less expensive it will be for your organization. There are many who will tell you that you need to change all of your current processes around building software so it is more secure. Many of those forces are consultants charging high rates to help you deeply modify what you are doing today. This talk will will take the opposite approach. How can you add a few reasonable and mostly lightweight processes to how you build software today to make it more secure? Software development is like driving a boat. You need to look ahead make small changes to steer effectively.

Jim Manico is an author and educator of developer security awareness trainings. He is also a frequent speaker on secure software practices and is a member of the JavaOne "rockstar hall of fame". He has a 17 year history building software as a developer and architect. Jim is also one of the members of the Global Board of Directors for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several secure coding projects. Jim is currently working on a book with McGraw-Hill and Oracle-Press on Java Security. For more information, see http://www.linkedin.com/in/jmanico.

Other Events



Archives of Previous Meetings

2014 Meetings

2013 Meetings

2012 Meetings

2011 Meetings

2010 Meetings

2009 Meetings

2008 Meetings

Presentation Archive


Los Angeles Chapter

Volunteers: Yev Avidon and Mikhael Felker
OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!


Web archive: http://2010.AppSecUSA.org

Videos: http://vimeo.com/user4863863/videos

AppSec Logo.jpg