OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Special Event! Front Range OWASP Conference, 10 June 2008!
The Denver OWASP Chapter, in conjunction with the Boulder OWASP Chapter, is proud to present the FROC this June. We have an assortment of top notch speakers but have managed to keep this a *free conference*! Please register now at the FROC website
The next meeting of the DENVER OWASP chapter will be held Wednesday 21 May 2008 at Raytheon Polar Services, 7400 S. Tucson Way, Centennial, CO 80112. [gMaps Link]
Topic: Cross Site Scripting, Exploits and Defenses
6-6:30 Dinner (at RPSC; provided by Fishnet Security.
6:30 - 6:40 Chapter business
6:40 - 8:00 Presentation and Q&A
Following the meeting we will have informal discussions over beverages at a local pub TBD.
Chapter leaders David Campbell and Eric Duprey will be presenting on the emerging threat of cross site scripting (XSS) vulnerabilities.
For a long time, the impact of XSS vulnerabilities has been grossly underestimated. Recent compromises, such as the pro-Hillary defacement of Barack Obama's website demonstrated the impact of XSS vulnerabilities to the masses.
During this presentation, we will demonstrate exactly how effective XSS vulns can be, and show you what you can do to protect yourself and your sites. We intend to make this presentation interactive, so bring a laptop and be prepared to join in the fun.
David Campbell is an infosec veteran, with experience ranging from penetration testing for Fortune 100's to architecting security solutions for large multinational financials to consulting for government agencies. DC is presently head of security engineering for Raytheon Polar Services, and is also on the board of directors of Psiframe Inc., a San Francisco based security consultancy.
Eric Duprey is a Senior Security Engineer for Dish Network Corporation.
Questions can be directed to
16 July 2008: booked. speakers to be announced
September 2008: available
October 2008: available
November 2008: available
December 2008: available