This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Houston"

From OWASP
Jump to: navigation, search
Line 43: Line 43:
  
  
<li>'''<u>November 14, 2007:  Threat Modeling: A Secure Development Tool for Security Professionals</u>'''<br>John Dickson, CISSP [http://denimgroup.com/ Denim Group]<br><br><b>Overview:  Coming Soon!</b><br><br>Presenter Bio:</b> John's technical background includes over 15 years of experience with intrusion detection systems, telephony security and application security in the commercial and DoD arenas. He is a founder of the Alamo Chapter of ISSA, a principal at Denim Group, and a founder and chairman of the San Antonio Technology Accelerator Initiative (SATAI). He regularly speaks for security groups including ISSA and ISACA and at national security conferences including the Annual Computer Security Institute (CSI) Conference and ConSec 2006.  </li>
+
<li>'''<u>November 14, 2007:  Threat Modeling: A Secure Development Tool for Security Professionals</u>'''<br>John Dickson, CISSP [http://denimgroup.com/ Denim Group]<br><br><b>Overview:  Coming Soon!</b><br><br><b>Presenter Bio:</b> John's technical background includes over 15 years of experience with intrusion detection systems, telephony security and application security in the commercial and DoD arenas. He is a founder of the Alamo Chapter of ISSA, a principal at Denim Group, and a founder and chairman of the San Antonio Technology Accelerator Initiative (SATAI). He regularly speaks for security groups including ISSA and ISACA and at national security conferences including the Annual Computer Security Institute (CSI) Conference and ConSec 2006.  </li>
  
 
<br><br>
 
<br><br>

Revision as of 13:38, 23 July 2007

Welcome to OWASP Houston
the free and open application security community


Welcome to Houston Chapter


The Houston Chapter will focus around Web Application Security issues with discussions on application layer vulnerabilties, penetration testing, and secure coding practices within the numerous development languages. Our chapter will meet on the second (2nd) Wednesday of each month and participation in OWASP Houston is free and open to all.

Please subscribe to the mailing list for meeting announcements. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in web application security is welcome to attend. We encourage attendees to give short presentations about specific topics. If you would like to make a presentation, or have any questions about the Houston Chapter, send an email to David Nester.


Meeting Calendar

  • August 8, 2007: Speaker TBD
    F5 Application Security



  • September 12, 2007: Troy Stewart
    Fortify Software



  • October 10, 2007: Top 10 Website Attack Techniques
    Jeremiah Grossman, Founder/CTO of WhiteHat Security

    Overview: During this presentation, Jeremiah Grossman will draw upon his extensive website security experience to discuss the most creative, useful and interesting Web attack techniques discovered in 2007, focusing on the top ten. This year has been significant for website hacking, with issues ranging from Cross-Site Scripting (XSS) and Cross-Site Request Forgery, to confusion about the impact of AJAX and Javascript vulnerabilities on Web 2.0 sites. Mr. Grossman will address these issues, including debunking the myth of AJAX insecurity.

    Presenter Bio: Jeremiah Grossman is the founder and CTO of WhiteHat Security, considered a world-renowned expert in Web security, co-founder of the Web Application Security Consortium, and recently named to InfoWorld's Top 25 CTOs for 2007. Mr. Grossman is a frequent speaker at industry events including the BlackHat Briefings, ISACA, CSI, OWASP, Vanguard, ISSA, OWASP, Defcon, etc. He has authored of dozens of articles and white papers, credited with the discovery of many cutting-edge attack and defensive techniques, and co-author of XSS Attacks. Mr. Grossman is frequently quoted in major media publications such as InfoWorld, USA Today, PCWorld, Dark Reading, SC Magazine, SecurityFocus, C-Net, SC Magazine, CSO, and InformationWeek. Prior to WhiteHat he was an information security officer at Yahoo!


  • November 14, 2007: Threat Modeling: A Secure Development Tool for Security Professionals
    John Dickson, CISSP Denim Group

    Overview: Coming Soon!

    Presenter Bio: John's technical background includes over 15 years of experience with intrusion detection systems, telephony security and application security in the commercial and DoD arenas. He is a founder of the Alamo Chapter of ISSA, a principal at Denim Group, and a founder and chairman of the San Antonio Technology Accelerator Initiative (SATAI). He regularly speaks for security groups including ISSA and ISACA and at national security conferences including the Annual Computer Security Institute (CSI) Conference and ConSec 2006.


Chapter Meeting :: August 8, 2007: F5 Application Security


Time:

  • 5:30-6:00 Reception and Networking
  • 6:00-6:15 Welcome and Announcements
  • 6:15-7:30 Presentation


Presentation

  • TBD


Bio

  • TBD


Location
Microsoft Campus
One Briar Lake Plaza
2000 W. Sam Houston Pkwy. S. #350
Houston, TX 77042
Phone: (832) 252-4300
Microsoft (MAP)

Geek Food will be provided


Meeting Sponsors




Past Presentations

  • June 5, 2007 :: Web 2.0 Presentation Download

    Presentation by Dan Cornell of the Denim Group. With the integration of new technologies into web application development, there are more security dangers than ever before to be found in the application layer. This session discusses the landscape of web application security, new technologies being used in developing web applications and web services and the implications these have on system security. Technical vulnerabilities in web applications such as SQL injection and cross-site scripting (XSS) will be discussed alongside logical, business-level issues. The evolution of these flaws will be tracked as traditional web applications have expanded to include Web 2.0, AJAX and web services capabilities. The goal of the presentation is to educate developers, project managers and quality assurance personnel about the risks inherent in developing web applications and provide meaningful recommendations for addressing those risks during the software development lifecycle. Sprajax Download.