This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Denver"
(→Next Meeting) |
(→Next Meeting) |
||
| Line 5: | Line 5: | ||
The next meeting of the Denver OWASP chapter will be on June 21st at 7:00PM. [http://www.accuvant.com Accuvant] will be hosting the meeting at their downtown office. They are located at [http://maps.google.com/maps/ms?ie=UTF8&hl=en&om=1&msa=0&ll=39.745804,-104.989911&spn=0.003473,0.007296&z=17&msid=110637952161429929739.000001131c9ad0e7b2c31 621 17th St. Denver, CO 80293]. The map has several parking locations indicated; if you need more detailed directions, please contact [mailto:[email protected] David Byrne]. Refreshments will be provided by [http://www.symplified.com Symplified]. | The next meeting of the Denver OWASP chapter will be on June 21st at 7:00PM. [http://www.accuvant.com Accuvant] will be hosting the meeting at their downtown office. They are located at [http://maps.google.com/maps/ms?ie=UTF8&hl=en&om=1&msa=0&ll=39.745804,-104.989911&spn=0.003473,0.007296&z=17&msid=110637952161429929739.000001131c9ad0e7b2c31 621 17th St. Denver, CO 80293]. The map has several parking locations indicated; if you need more detailed directions, please contact [mailto:[email protected] David Byrne]. Refreshments will be provided by [http://www.symplified.com Symplified]. | ||
| − | The technical presentation will be by David Byrne from EchoStar Satellite. He will speak on Anti-DNS pinning attacks, a technique that allows an attacker to leverage cross-site-scripting to turn a web browser into a proxy server. This is done using standard browser functionality; no client-side vulnerabilities are required. The end-result is that internal servers | + | The technical presentation will be by David Byrne from EchoStar Satellite. He will speak on Anti-DNS pinning attacks, a technique that allows an attacker to leverage cross-site-scripting to turn a web browser into a proxy server. This is done using standard browser functionality; no client-side vulnerabilities are required. The end-result is that network firewalls can are completly bypassed to access internal servers. The presentation will focus on a live demonstration of an attack. |
The non/less technical presentation will be by David Stevens from Symplified. He will discuss methods to calculate Return on Security Investment (ROSI). Considering how difficult it often is to get funding for security initiatives, this is a useful skill for any security professional or security manager. | The non/less technical presentation will be by David Stevens from Symplified. He will discuss methods to calculate Return on Security Investment (ROSI). Considering how difficult it often is to get funding for security initiatives, this is a useful skill for any security professional or security manager. | ||
Revision as of 21:18, 11 June 2007
OWASP Denver
Welcome to the Denver chapter homepage. The chapter leaders are David Byrne and Andy Lewis.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Next Meeting
The next meeting of the Denver OWASP chapter will be on June 21st at 7:00PM. Accuvant will be hosting the meeting at their downtown office. They are located at 621 17th St. Denver, CO 80293. The map has several parking locations indicated; if you need more detailed directions, please contact David Byrne. Refreshments will be provided by Symplified.
The technical presentation will be by David Byrne from EchoStar Satellite. He will speak on Anti-DNS pinning attacks, a technique that allows an attacker to leverage cross-site-scripting to turn a web browser into a proxy server. This is done using standard browser functionality; no client-side vulnerabilities are required. The end-result is that network firewalls can are completly bypassed to access internal servers. The presentation will focus on a live demonstration of an attack.
The non/less technical presentation will be by David Stevens from Symplified. He will discuss methods to calculate Return on Security Investment (ROSI). Considering how difficult it often is to get funding for security initiatives, this is a useful skill for any security professional or security manager.
Future Meetings
Below is a list of potential topics for future meetings. If you are interested in presenting, or at least contributing to the content of a presentation on any topic, please send David Byrne an e-mail. Feel free to submit ideas for other topics as well.
- Common security mistakes and best practices for
- .Net
- J2EE
- Performing security-oriented code reviews
- HTTP message spliting attacks
- Sarbanes Oxley (SOX) compliance, relating to web apps
