This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Bay Area"
| Line 2: | Line 2: | ||
=Next Event= | =Next Event= | ||
| − | + | ==Date and Location== | |
| − | '''February, 21st @ 6PM - Robert Half International''' | + | '''February, 21st @ 6PM - Robert Half International''' |
| − | + | 5720 Stoneridge Dr | |
| + | Pleasanton CA 94588 | ||
OWASP Bay Area will host its next meeting at the Robert Half International on Thursday, February 21. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security. | OWASP Bay Area will host its next meeting at the Robert Half International on Thursday, February 21. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security. | ||
| − | + | Special thanks to Robert Half International for hosting this event and to Cenzic for sponsoring. | |
| − | 6:00pm - 6:30pm ... Check-in and Reception (food & beverages) | + | ==Agenda== |
| + | 6:00pm - 6:30pm ... Check-in and Reception (food & beverages) | ||
| + | 6:30pm - 7:15pm ... '''Your Client-Side Security Sucks. Stop Using It.''' – Kurt Grutzmacher | ||
| + | 7:15pm - 8:00pm ... '''NTLM attacks and countermeasures''' – Eric Rachner | ||
| + | 8:00pm - 8:30pm ... Networking Session | ||
| − | + | ==Speakers== | |
| + | '''Your Client-Side Security Sucks. Stop Using It.''' | ||
| − | + | Presented by: Kurt Grutzmacher | |
| − | + | Abstract: Browser-based security has been used for many years to 'protect' back-end systems from attack or to enhance the user experience. This should not be your only protection and can even open your application to business logic flaws that scanning tools can not detect nor report upon! This talk will show some real world examples of client-side security and the failures they introduced. Business logic flaws such as the MacWorld Expo Platinum Pass will be examined in depth. | |
| − | + | Bio: Kurt Grutzmacher has been performing Penetration Testing for a "very large financial institution" for nearly a decade and recently moved to a "very large utility company" to start their internal testing program. For two years in a row he has exposed the methods required to obtain free Platinum Passes to MacWorld and is hoping | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
they'll get it right the third time, he's tired of explaining it to them. Kurt contributes to the Metasploit project occasionally and is currently working on enhancing the project's support for NTLM in web-based attacks. He also randomly blogs at http://grutztopia.jingojango.net/ -- very randomly. | they'll get it right the third time, he's tired of explaining it to them. Kurt contributes to the Metasploit project occasionally and is currently working on enhancing the project's support for NTLM in web-based attacks. He also randomly blogs at http://grutztopia.jingojango.net/ -- very randomly. | ||
| − | ''NTLM attacks and countermeasures | + | '''NTLM attacks and countermeasures''' |
| − | |||
| − | |||
| − | + | Presented by: Eric Rachner | |
| − | + | Abstract: Coming soon. | |
| − | + | Bio: Coming soon. | |
| − | + | ==RSVP== | |
| + | Please RSVP at http://owaspfeb2008.eventbrite.com | ||
=Bay Area Chapter Leaders= | =Bay Area Chapter Leaders= | ||
Revision as of 04:33, 15 February 2008
OWASP SF Bay Area
Welcome to the SF Bay Area chapter homepage.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Next Event
Date and Location
February, 21st @ 6PM - Robert Half International 5720 Stoneridge Dr Pleasanton CA 94588
OWASP Bay Area will host its next meeting at the Robert Half International on Thursday, February 21. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security.
Special thanks to Robert Half International for hosting this event and to Cenzic for sponsoring.
Agenda
6:00pm - 6:30pm ... Check-in and Reception (food & beverages) 6:30pm - 7:15pm ... Your Client-Side Security Sucks. Stop Using It. – Kurt Grutzmacher 7:15pm - 8:00pm ... NTLM attacks and countermeasures – Eric Rachner 8:00pm - 8:30pm ... Networking Session
Speakers
Your Client-Side Security Sucks. Stop Using It.
Presented by: Kurt Grutzmacher
Abstract: Browser-based security has been used for many years to 'protect' back-end systems from attack or to enhance the user experience. This should not be your only protection and can even open your application to business logic flaws that scanning tools can not detect nor report upon! This talk will show some real world examples of client-side security and the failures they introduced. Business logic flaws such as the MacWorld Expo Platinum Pass will be examined in depth.
Bio: Kurt Grutzmacher has been performing Penetration Testing for a "very large financial institution" for nearly a decade and recently moved to a "very large utility company" to start their internal testing program. For two years in a row he has exposed the methods required to obtain free Platinum Passes to MacWorld and is hoping they'll get it right the third time, he's tired of explaining it to them. Kurt contributes to the Metasploit project occasionally and is currently working on enhancing the project's support for NTLM in web-based attacks. He also randomly blogs at http://grutztopia.jingojango.net/ -- very randomly.
NTLM attacks and countermeasures
Presented by: Eric Rachner
Abstract: Coming soon.
Bio: Coming soon.
RSVP
Please RSVP at http://owaspfeb2008.eventbrite.com
Bay Area Chapter Leaders
- Brian Bertacini
- Garrett Gee
- Mandeep Khera
- Robi Papp
