This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Bay Area

From OWASP
Revision as of 01:22, 8 June 2009 by Ggee (talk | contribs)

Jump to: navigation, search

OWASP Bay Area

Welcome to the Bay Area chapter homepage.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Local News

<paypal>Bay Area</paypal>

Chapter Meetings

Date and Location

OWASP Meeting Monday, June 22nd * 5:30 pm San Francisco Federal Reserve Bank Office

OWASP Bay Area will host its next meeting at the Federal Reserve Bank of San Francisco on Monday, June 22nd. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security.

Please note, because of high security measures at the Federal Reserve Bank, pre-registration is REQUIRED, so you can be issued a badge before entering the meeting.

http://www.eventbrite.com/event/355543440

Agenda

  5:30 PM - 6:15 PM ... Check-in and networking
  6:15 PM - 7:15 PM ... Analyzing Web Malware by Jeremy Brotherton
  7:15 PM - 7:30 PM ... Break
  7:30 PM - 8:30 PM ... Mobile Device Security by Dave Maynor

Analyzing Web Malware

In its "State of Internet Security Q3/Q4 2008", Websense reported that 70% of the top 100 websites either hosted malicious content or contained a masked redirect to compromised websites. Most recently, gumblar.cn successfully injected redirects into upwards of 3,000 websites. Analyzing web-based malicious content can be time-consuming and complex. This presentation will describe several common Javascript obfuscation techniques and how to use open-source tools to reveal the exploits hidden behind them. Additionally, this presentation will describe the techniques used within the malicious Flash file which was being hosted by gumblar.cn.

Mobile Device Security

This presentation will detail auditing and development techniques for exploits that target mobile phones with a heavy emphasis on threats that come from the web. Windows mobile and Google Android devices that will target the auditing and exploit discovery.

About the Speakers

Jeremy Brotherton

Jeremy graduated from Iowa State University in 2006 with a Bachelor’s degree in Computer Engineering with an emphasis in Information Assurance. Currently, he is pursuing a Master’s degree in Computer Science at Stanford specializing in Computer and Network Security. Research interests include web-based malware and exploits, Intrusion Detection Systems and Forensics.

Dave Maynor

Mr. Maynor has a strong background in application security, reverse engineering and exploit development. Before joining Accuvant, Dave cofounded Errata Security - a think tank organization that specializes in rapid application development and security research. Prior to Errata, Dave was the Senior Researcher for Secureworks and a research engineer with the ISS X-Force R&D team. A well recognized personality in the information security world, Dave is a popular author and has been featured in multiple publications over the last several years including Fox News, CNN, the Associated Press, Security Focus and a multitude of other information security news sources. Dave has been both a primary and contributing author to several industry leading security books including: Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, Syngress Force Emerging Threat Analysis: From Mischief to Malicious, and War Driving and Wireless Penetration Testing.


RSVP

REGISTER EARLY AS SEATING IS LIMITED

http://www.eventbrite.com/event/355543440

Bay Area Past Events

Bay Area Past Events

Bay Area OWASP Chapter Leaders