This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Kansas City"

Jump to: navigation, search
(Past Meetings)
Line 37: Line 37:
== Past Meetings ==
== Past Meetings ==
Thanks to the speakers and attendees at our past meetings:
Thanks to the speakers and attendees at our past chapter meetings:
*[[Kansas_City_September_2007_Meeting|September 2007 Meeting]]
*[[Kansas City June 2007 Meeting|June 2007 meeting]]
*[[Kansas City June 2007 Meeting|June 2007 meeting]]
*[[Kansas City March 2007 Meeting|March 2007 meeting]]
*[[Kansas City March 2007 Meeting|March 2007 meeting]]

Revision as of 19:12, 12 September 2007

OWASP Kansas City

Welcome to the Kansas City chapter homepage. If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader Bruce Marshall


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Upcoming Meetings

The next Kansas City chapter meeting will take place on September 6, 2007 from 6:00 PM to 8:30 PM CDT. Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers.

September 6 Meeting

Speaker 1: Bob Phelps, National Bank Examiner with the Office of the Comptroller of the Currency (OCC)

Bob will provide his insight on the financial regulatory environment and how laws lead to specific information security standards and guidance. Through his job he has performed a review of application security practices in about a dozen midsize and large banks. Bob will share the results of this review and provide his recommendations on how to establish a sound application security management program.

At the OCC Bob both works with the Policy division in Washington DC and has bank supervisory responsibilities. He leads and participates in examinations of National Banks in NYC, KC, Omaha, and Minneapolis. His Policy responsibilities include evaluating emerging technologies and their impact on the banking system, evaluating trends in information security, and developing and delivering various training programs to other examiners.

Speaker 2: Bruce K. Marshall, Senior Security Consultant with Security PS

Bruce will be speaking about how to avoid improperly using challenge questions (e.g. “What is your pet’s name?”) for web app authentication. While challenge questions tend to be user friendly they can also expose your application to new security threats. He will share his experience on both choosing the best challenge questions and how to properly integrate them into your application.

Bruce consults with clients like American Express, Garmin, Microsoft, and Commerce Bank to assess and improve their information security strategies in areas like network security, web app security, authentication, and program management.

Location: Centriq Training 8700 State Line Road Suite 200 Leawood, KS 66206 (913) 322-7000 [1]


  • Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security
  • No registration is required, although RSVPs to the chapter leader are appreciated
  • Professionals with CISSPs, or other certifications, can earn CPE credits by attending

We meet at least once a quarter to discuss application security. If you have an interesting topic you'd like to present or discuss at future meetings, please send an email to bmarshall[at]securityps com. Or, get a discussion going by posting a message to our mailing list.

Past Meetings

Thanks to the speakers and attendees at our past chapter meetings: