This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Houston
OWASP Houston
Welcome to the Houston chapter homepage. The chapter leaders are Mark Feferman, Paul Dial, Linda Fox and David Nester
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Local News
The Houston Chapter will focus around Web Application Security issues with discussions on application layer vulnerabilties, penetration testing, and secure coding practices within the numerous development languages. Our chapter will meet on the second (2nd) Wednesday of each month and participation in OWASP Houston is free and open to all.
Please subscribe to the mailing list for meeting announcements. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in web application security is welcome to attend. We encourage attendees to give short presentations about specific topics. If you would like to make a presentation, or have any questions about the Houston Chapter, send an email to David Nester.
<paypal>Houston</paypal>
Chapter Meetings
September 9, 2009 :: Conducting Application Assessment
- Presentation: This talk will review a number of application assessment techniques and discuss the types of security vulnerabilities they are best suited to identify as well as how the different approaches can be used in combination to produce more thorough and insightful results. Code review will be compared to penetration testing and the capabilities of automated tools will be compared to manual techniques. In addition, the role of threat modeling and architecture analysis will be examined. The goal is to illuminate assessment techniques that go beyond commodity point-and-click approaches to web application or code scanning.
About Our Presenter:
Dan Cornell has over twelve years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization's technology team overseeing methodology development and project execution for Denim Group's customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web based software development methodologies.
In addition, Dan Cornell performed as the CTO of BrandDefense, architecting and developing their cutting-edge intellectual property protection technologies. Over a one year period of development he brought their web-based intellectual property protection technologies through three major versions, surpassing the applications of well funded and entrenched competitors.
Date: September 9, 2009
Time: 6:00-7:30 Welcome, Announcements and Presentation
Location:
The new OWASP meeting physical address is:
Houston Community College (HCC)
1010 West Sam Houston Parkway North
Spring Branch Campus Commons
Houston, TX 77043
PLEASE download a parking permit for the event.
Past Presentations
- August 12, 2009 : "SharePoint Auditing and Penetration Testing Presentation Download
Presentation by: Shohn Trojacek
- June 10, 2009 : "Web Application Security and PHP. Presentation Download
Presentation by: Eric Cherian
- May 13, 2009 (A): "Securing connection strings in the Web.Config and App.Config files for .NET Presentation Download
Presentation by: Mark Feferman, CISSP
- May 13, 2009 (B): "Stealing the Airlines Online Data Presentation Download
Presentation by: Quincy Jackson, CISSP
- April 8, 2009: "2009 Statistics Report and ClickJacking Presentation Download
Presentation by David Nester, Director, Solutions Architecture, Whitehat Security.
- August 19, 2008: "Dirty Dozen" - Truth and facts about PCI DSS Presentation Download
Presentation by Genady Vishnevetsky, CISSP Director, IT Operations and Security. Paymetric, Inc
- June 11, 2008: The OWASP Top 10 Presentation Download
Presentation by J Sawyer, Developer Evangelist of Microsoft
- November 7, 2007: Black Box versus White Box: Different App Testing Strategies Presentation Download
Presentation by John Dickson of the Denim Group.
- October 10, 2007 :: Top 10 Website Attack Techniques Presentation Download
Presentation by Jeremiah Grossman, CTO, Whitehat Security
- September 12, 2007: Fortify Software
- August 8, 2007: Atrysk Security Presentation Download
- June 5, 2007 :: Web 2.0 Presentation Download
Presentation by Dan Cornell of the Denim Group.
Houston OWASP Chapter Leaders
Our chapter leaders are Mark Feferman, Linda Fox, Paul Dial and David Nester.