This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Long Island

From OWASP
Revision as of 16:08, 23 June 2009 by Dguido (talk | contribs)

Jump to: navigation, search

OWASP Long Island

Welcome to the Long Island chapter homepage.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Chapter Meetings

Scroll down to see the upcoming Long Island OWASP events

Date: Saturday June 27th 2009
Time: 10:00-14:00
Place: Sunrise Business Center, 3500 Sunrise Hwy, Great River, NY 11730, Building 200 MAP
Directions: Enter from the service road on the East Bound side of Sunrise Hwy. Attendees can park in front of Building 200 and enter through the Building 200 entrance. We must ask that all Attendees do not park in any spot marked as RESERVED.

RSVP REQUIRED Register.gif


Agenda:

10-00 - Opening Remarks & Welcome to OWASP Foundation
--Helen Gao, OWASP LI Board
10-20 - Incident Response - Identify, Contain, Eradicate, Recover, Lessons Learned
Breaches happen. Proper audit compliance enables an organization the ability to detect and prevent attacks. A case study will be examined.
--Ryan Behan Manager of Network Technologies at Netsmart Technologies
11-20 - Code Blue - The Unhealthy State of Your Medical Records (And What Can Be Done to Save Them)
Millions of patient records have been disclosed to unauthorized third parties. Some of these records were stolen, some were lost yet all could have been prevented.
A North Carolina hospital loses a laptop with 14,000 records. The Peninsula Orthopedic Associates lost backup tapes that help 100,000 patient records. The Wallgreens Health Initiative emailed 28,000 records to the state of Kentucky without using encryption. Confiker infects three University of Utah hospitals. Kaiser fires 15 employees for inappropriately accessing medical records. Two Scottish hospitals were infected by a computer worm. Researchers find 20,000 medical records using peer-to-peer software. The Mytob worm infects 4,700 computers at three UK hospitals. Confiker infects 8,000 computers at the Sheffield Teaching Hospitals Trust. Criminals tried to extort Express Scripts with the threat of releasing millions of patient records. SRA International was breached when malicious software allowed an attacker the ability to access patient data maintained by SRA. The list goes on.
All of these incidents were reported in the news within a five month period of each other. News like this is being reported with an increasing frequency.
Most of these incidents could have been easily avoided by conducting compliance audits and vulnerability assessments.
--Blake Cornell Security Consultant Net2S/BT-INS, OWASP NY/NJ/LI Board Member
12-10 - Lunch
12-25 - Education, "So you want to train an army of ninjas..." - Teaching offensive techniques to college students
Dan will discuss the challenges, successes, surprises, and lessons learned creating and delivering a penetration testing course for undergraduate and graduate students at NYU:Poly. The course, which ran on-campus during the Fall 2008 semester, was taught to 30 students and with the help of 5 instructors from outside the university: After 6 weeks, students were given a takehome midterm that tested their ability to apply theoretical techniques discussed in class and that tracked the evolution of their "hacker's mindset." This talk presents lessons learned as "design patterns" that conference attendees can apply to their own courses to increase their effectiveness and train their own army of ninjas in a university setting. Additionally, all course material, videotaped lectures, and student work from the Fall 2008 NYU:Poly Penetration Testing and Vulnerability Analysis course have been made freely available online at: [1]
--Dan Guido, Board Member OWASP NYNJ
13-25 - Round Table Discussion - Successes, challenges, efforts, hopes and predictions for OWASP Long Island
--Helen Gao, Board Member, OWASP LI
--Ryan Behan, Board Member, OWASP LI
--Blake Cornell, Board Member, OWASP NYNJ/LI
--Dan Guido, Board Member OWASP NYNJ


AFTER EVENT NETWORKING ON THE WATER !!

THE WHARF

445 Vanderbilt Blvd, Oakdale, NY 11769

Come prepared for a day of networking with your industry peers.
We invite all attendees to food and libations after the meeting at a local restaurant TBA.
If you join our mailing list, then you will receive details of the meeting as soon as they are finalized.
To be a co-sponsor for this or a future meeting consider annual chapter sponsorship

Chapter Leaders/Contacts


External Links

Retrieved from "https://wiki.owasp.org/index.php?title=Long_Island&oldid=64781"