This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Hartford

From OWASP
Revision as of 20:05, 27 March 2017 by Jm04469 (talk | contribs) (UConn)

Jump to: navigation, search

OWASP Hartford

Welcome to the Hartford chapter homepage. The chapter leaders are James McGovern and Alvin Fong


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Sponsors

We would like to thank Travelers Insurancefor their generous sponsorship and helping make application security visible...

If you would like to sponsor either the food and/or door prizes for an upcoming meeting, please email James McGovern with your proposal. Independent of any financial considerations, sponsorship priority is driven by those who drive participation in OWASP to their employees and customers.



Call for Sponsors/Speakers

This is a call for speakers/papers. If we haven't approached you, but you believe you have a significant discovery or new research that the security community would value, or enjoy hearing about, we invite you to submit your presentation topic for serious consideration. Preference will be given to speakers who can present new and innovative technical content to a broad audience. Of course, all presentations are expected to challenge the brightest and quickest of attendees - we wouldn't have it any other way.

OWASP is not a vendor fair. Consequently, there will be very little tolerance for commercial content within presentations. Attendees will be encouraged to quell any shameless marketing that is not immediately backed up with rationale for its inclusion.

Some topics of interest for upcoming meetings include (but are not limited to):

  • Risk Rating Methodologies
  • Breaking CAPTCHA
  • Internet of Things (IOT) Security
  • Information Security 101 for Business Executives
  • Enterprise Risk Management - Understanding true risks

Upcoming Events

Outlook events:

Agenda: Wednesday, Mar 29th 2017
6:30PM - 9PM
OWASP UCONN
https://cc.callinfo.com/r/1jtu5l8injwjx&eom

The next OWASP Hartford chapter meeting will be held at the ITE Building Room 301 on the University of Connecticut Campus in Storrs. We are conducting an interactive session with students of the cybersecurity club and will be inviting participation from students attending Law, Business and Medical schools for an enlightening discussion on Healthcare Information Security. As usual, this event is kid-friendly and OWASP-approved with a healthy dose of FREE TO ATTEND sprinkled on top.

Agenda: Thursday, Sep 29th 2016
2PM - 4PM
Fraud Analytics
https://cc.callinfo.com/r/1jtu5l8injwjx&eom

The next OWASP Hartford chapter meeting will focus on Fraud Analytics. James Ruotolo from SAS will be joining us to discuss fraud analytics methodologies, fraud patterns in insurance. There will also be a walkthrough of Visualization technologies, Risk Scoring, and Cybersecurity.


Agenda:
Exploring Fraud Analytics
1. Introduction
a. Business analytics
b. Example fraud analytics use cases
2. Fraud analytics methodology
a. Detection techniques
b. Data management considerations
c. Deployment and operationalization
3. Case study: Fraud analytics in insurance
a. Visualization technology
b. Fraud risk scoring and alert triage
c. Cybersecurity
d. Example results
4. Q&A

About James Ruotolo:
James Ruotolo is the product line leader for the fraud and security intelligence solution portfolio at SAS®. He is responsible for product management and marketing of fraud detection and compliance solutions for the banking, insurance, healthcare and government industries. Before joining SAS®, James was the Director of Strategic Operations for the special investigation unit of a large multi-line US insurance company where he was responsible for investigative analytics and intelligence operations. He has nearly two decades of investigation and fraud analytics experience. Connect with him on Twitter @jdruotolo

Please RSVP by 9/28 on our meet-up site: https://www.meetup.com/Hartford-Cyber-Security-Meetup-OWASP/events/234147585/ OR register remotely via https://cc.callinfo.com/r/1jtu5l8injwjx&eom
GPS Address: 45 Central Row, Hartford, CT, 06103 (entrance is between Dunkin Donuts and CVS Pharmacy)


Directions to Travelers Central Row Meeting rooms:
https://www.travelers.com/about-us/careers/documents/hartfordmapdrivingdirections.pdf

Local parking map: http://parking.hartford.gov/map/map2009.htm
Note: there is limited street parking and the constitution plaza and financial plaza garages are the closest to the central row meeting rooms.



Agenda: Thursday, May 26th 2016
Industry Cyber Security Panel

Brian Bemis – Travelers - Director of Application Security and Public Key Infrastructure
Brian’s area of focus includes Application security, penetration testing, network security, Secure SDLC, and certificates

Brian Heemsoth – Aetna – Director of Software and Mobile Security
Brian Heemsoth is responsible for designing and implementing security solutions with a user experience focus,
application security, mobile security and incident response.

Joe Niquette – UnitedHealth Group – Security Solutions Architect
Joe’s involved in security research and development and passionate about rugged DevOps.

Ankur Singhal – the Hartford – Manager Application Security
Ankur’s focus is web and mobile application security, security vulnerability management and remediation, Secure SDLC, PKI and cert management, Encryption at rest and most recently Security in DevOps

2:00 PM to 4:00 PM


This meeting will be held at Travelers, Hartford CT (Central Row Conference Room)

Agenda: Tuesday, February 9th 2016
Threat Modeling for Architects, Business Analysts and Quality Assurance Professionals’ Category
Robert Hurlbut
Independent software security consultant, architect and trainer
Hurlbut Consulting Services
6:00 PM to 7:00 PM

Future Direction of Chapter
James McGovern
7:00 PM to 7:30 PM

This meeting will be held at Travelers, Hartford CT (Central Row Conference Room)

Postponed Events

Agenda: Tuesday, April 16th 2013
Why We Need DevOps Now: A Fourteen Year Study Of High Performing IT Organizations
Gene Kim - CTO of Tripwire
This meeting will be held at Travelers in Downtown Hartford</br>

Past Events

Agenda: Tuesday, May 27th 2014
OWASP Mobile Top Ten Risks 2014 – The New M10: ‘Lack of Binary Protection’ Category
Senior Security Engineer at Arxan Technologies
5:00 PM to 6:00 PM

IDaaS (Cloud) Landscape - Why Companies are Shifting Strategies Toward Cloud-Based Identity Management vs. Traditional Security Methods?
Tarek Khaled, Senior Security Engineer at Okta
6:00 PM to 7:00 PM

This meeting was held at Travelers, Hartford CT (Central Row Conference Room)

Agenda: Tuesday, October 22nd 2013
Mobile Security: Attacks and Defenses
Gene Meltser, Technical Director, Neohapsis Labs
5:00 PM to 6:00 PM

An Application Pen Tester's introduction to Android Internals
Tom Palarz, Senior Security Consultant, Neohapsis Labs
6:00 PM to 7:00 PM
This meeting was held at Travelers, Hartford CT (Central Row Conference Room)

Agenda: Tuesday, June 6th 2013
Building a Better Botnet
Michael Smith, Akamai
This meeting will be held at the Travelers in Hartford

Agenda: Tuesday, May 6th 2013
Web Services Security
James McGovern, HP Enterprise Services
This meeting was held at the ACORD LOMA Forum in Las Vegas

Agenda: Wednesday, April 24th 2013
Cloud and Identity
George Dobbs, Enterprise Architect - MassMutual
8:30 AM to Noon
This meeting was be held at IBM, 755 Main Street, Hartford CT (The Gold Building)

Agenda: Wednesday, October 24th 2012
International Institute of Business Analysts (IIBA) Joint Meeting
James McGovern - Introduction to Security for Business Analysts
This meeting was held at Chubb in Simsbury</br>

Agenda: Wednesday, September 26th 2012
Joint Meeting with OWASP Student Chapter
Introduction to Network Security
Anthony DAmato</br>

Agenda: Wednesday, May 23rd 2012
Introduction to SOA Security
James McGovern

Agenda: Tuesday, May 18th 2010
Joint Meeting with ISACA on the topic of auditing web applications

Dmitry Zhdanov presentation is located here
Mark Wireman presentation is located here
James Ritche presentation is located here
Mark Coderre presentation is located here

Agenda: Thursday, December 3rd 2009

SOCIAL MEDIA, PRIVACY AND BREACHES
Ian Glazer, Distinguished Industry Analyst Burton Group
Powerpoint presentation is located here

VANISH: MAKING DATA DISAPPEAR
George Dobbs, Chief Architect Knights of Columbus
Powerpoint presentation is located here

Agenda: Tuesday, November 17th 2009

ATTACK YOUR DATABASE BEFORE OTHERS DO
Todd Desantis, Lead Sales Engineer Sentrigo

Agenda: Tuesday, October 13th 2009

THE CONVERGENCE OF SECURITY AND PRIVACY: CLOUD COMPUTING
Michael Waidner, Distinguished IBM Engineer and Security CTO IBM

Agenda: Monday, September 14th 2009

OWASP: WHERE WE ARE AND WHERE WE ARE GOING
Tom Brennan, OWASP Board Member OWASP

WEB APPLICATION SECURITY ASSURANCE
Gregory Gotta, SVP Security CA

Agenda: Wednesday, June 10th 2009

THE ANATOMY OF SECURITY DISASTERS
Marcus Ranum, CSO of Tenable Security
Powerpoint presentation is located here

Agenda: Tuesday, April 30th 2009

RECRUITING ELITE IT TALENT
Jordan Haberfield (Agile Elephant), SVP of System One

DETECTING BACKDOORS IN WEB APPLICATIONS
Chris Wysopal CTO, Veracode

Agenda: Monday, April 13th 2009

AGILE SOFTWARE DEVELOPMENT AND SECURITY: 4:00 - 6:45 PM
Scott Ambler, Agile Practice Leader, IBM
Powerpoint presentation is located here

Agenda: Tuesday, February 10th 2009

OPEN SOURCE IDENTITY SERVICES (The Higgins Project)
Mary Ruddy, Meristic

ENABLING STRONGER/MULTI-FACTOR AUTHENTICATION FOR ENTERPRISE APPLICATIONS
Ramesh Nagappan, Security Architect at Sun Microsystems

STATE OF WEB APPLICATION SECURITY
Gunnar Peterson, CTO of Artec Group and Twin Cities OWASP

Agenda: Wednesday, November 11th 2008

LIGHTWEIGHT SECURITY USING IDENTITY-BASED ENCRYPTION: 6:00 - 7:00 PM
Richard Eisenberg, Architect at Voltage Security

Agenda: Wednesday, September 24th 2008

TOP TEN BOGUS TECH QUOTES OF THE YEAR: 6:00 - 6:45 PM
Paul Roberts, Industry Analyst, The 451 Group
Powerpoint presentation is located here

MAKING APPLICATIONS SECURE BY REMOVING SECURITY: 6:45 - 7:30 PM
Andrew Stone, Senior Manager, Accenture
Powerpoint presentation is located here

Agenda: Wednesday, June 11th 2008

CARDSPACE AND USER CENTRIC IDENTITY
Chris Winn, Security Evangelist, Microsoft

IDENTITY GOVERNANCE FRAMEWORK
Prateek Mishra, Product Manager, Oracle
Powerpoint Presentation is here

Agenda: Wednesday, April 30th 2008

THE IDIOTS GUIDE TO DEVELOPING BAD ENTERPRISE APPLICATIONS AND WORST LOGGING PRACTICES
Anton Chuvakin, Chief Logging Evangelist, LogLogic

KEEPING SECRETS: APPLICATION SECURITY IS A BUSINESS IMPERATIVE
Jack Danahy, CTO and Founder, Ounce Labs

Agenda: Thursday, February 28th 2008

HOW WEB 2.0 HAS CHANGED THE LANDSCAPE OF APPLICATION SECURITY
Chenxi Wang, Principal Analyst, Forrester Research

EXPLOITING ONLINE GAMES
Gary McGraw, CTO, Cigital

Locations

All meetings are held at the headquarters of Travelers Insurance 45 Central Row, Hartford CT 06103 (Entrance is between Dunkin Donuts and CVS pharmacy). Free parking is available in their Propspect Street Garage (Next to Hartford Club).