This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Denver"

From OWASP
Jump to: navigation, search
(Topic: XSS)
(Next Meeting)
Line 6: Line 6:
 
== Next Meeting ==
 
== Next Meeting ==
  
'''The next meeting of the DENVER OWASP chapter will be held Wednesday 21 May 2008 at $location <!-- Raytheon Polar Services, 7400 S. Tucson Way, Centennial, CO 80112.  [[http://xrl.us/bhyyk gMaps Link]] -->
+
'''The next meeting of the DENVER OWASP chapter will be held Wednesday 21 May 2008 at Raytheon Polar Services, 7400 S. Tucson Way, Centennial, CO 80112.  [[http://xrl.us/bhyyk gMaps Link]]
  
 
=== Topic: Cross Site Scripting, Exploits and Defenses===
 
=== Topic: Cross Site Scripting, Exploits and Defenses===
Line 13: Line 13:
 
Agenda:
 
Agenda:
  
6-6:30  Dinner (at $location; provided by [http://www.fishnetsecurity.com/ Fishnet Security].
+
6-6:30  Dinner (at RPSC; provided by [http://www.fishnetsecurity.com/ Fishnet Security].
  
 
6:30 - 6:40  Chapter business
 
6:30 - 6:40  Chapter business
Line 23: Line 23:
 
=== '''Speaker''' ===
 
=== '''Speaker''' ===
  
$bio
+
Chapter leaders David Campbell and Eric Duprey will be presenting on the up and coming threat of cross site scripting (XSS) vulnerabilities.
 +
 
 +
For a long time, the impact of XSS vulnerabilities has been grossly underestimated. During this presentation, we will demonstrate exactly how effective XSS vulns can be.  We intend to make this presentation interactive, so bring a laptop and be prepared to join in the fun.
 +
 
 +
David Campbell is a ten plus year veteran of the infosec industry, with experience ranging from penetration testing for Fortune-100's to architecting security solutions for large multinational financials to security consulting for US government agencies.  DC is presently head of security engineering for Raytheon Polar Services, and is also on the board of directors of Psiframe Inc., a San Francisco based security consultancy.
 +
 
 +
Eric Duprey is head of application security at Echostar, and is presently working on an open source vulnerability scanner which will debut at Blackhat this summer.
 +
 
  
 
----
 
----

Revision as of 16:53, 2 May 2008

OWASP Denver

Welcome to the Denver chapter homepage. Chapter leaders are Eric Duprey and David Campbell.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Special Event! Front Range OWASP Conference, 10 June 2008!

The Denver OWASP Chapter, in conjunction with the Boulder OWASP Chapter, is proud to present the FROC this June. We have an assortment of top notch speakers but have managed to keep this a *free conference*! Please register now at the FROC website

Next Meeting

The next meeting of the DENVER OWASP chapter will be held Wednesday 21 May 2008 at Raytheon Polar Services, 7400 S. Tucson Way, Centennial, CO 80112. [gMaps Link]

Topic: Cross Site Scripting, Exploits and Defenses

Agenda:

6-6:30 Dinner (at RPSC; provided by Fishnet Security.

6:30 - 6:40 Chapter business

6:40 - 8:00 Presentation and Q&A

Following the meeting we will have informal discussions over beverages at a local pub TBD.

Speaker

Chapter leaders David Campbell and Eric Duprey will be presenting on the up and coming threat of cross site scripting (XSS) vulnerabilities.

For a long time, the impact of XSS vulnerabilities has been grossly underestimated. During this presentation, we will demonstrate exactly how effective XSS vulns can be. We intend to make this presentation interactive, so bring a laptop and be prepared to join in the fun.

David Campbell is a ten plus year veteran of the infosec industry, with experience ranging from penetration testing for Fortune-100's to architecting security solutions for large multinational financials to security consulting for US government agencies. DC is presently head of security engineering for Raytheon Polar Services, and is also on the board of directors of Psiframe Inc., a San Francisco based security consultancy.

Eric Duprey is head of application security at Echostar, and is presently working on an open source vulnerability scanner which will debut at Blackhat this summer.



Questions, Comments

Questions can be directed to

Future Meetings

May 21 2008

Past Meetings

April 2008

February 2008

June 2007

April 2007

February 2007

January 2007

November 2006


Chapter Planning Pages

Front Range Web Application Security Summit Planning