This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Kansas City"
Bkmarshall (talk | contribs) (Updated page following September meeting) |
Bkmarshall (talk | contribs) |
||
| Line 3: | Line 3: | ||
== Upcoming Meetings == | == Upcoming Meetings == | ||
| − | We | + | I am pleased to announce that the details for our next OWASP Kansas City chapter meeting have been finalized. We will get together on Wednesday, November 7th starting at 6:00 PM and finishing around 7:30 PM. Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers. |
| + | |||
| + | Here is the presentation planned for this meeting: | ||
| − | The | + | Speaker: '''Tom Stripling, CISSP on The Dangers of Third-Party Content''' |
| − | + | It is now commonplace for web applications to include content from other sites, partners, and advertisers. If this content isn’t handled correctly, applications are left vulnerable to attack. By examining a variety of attacks that can be executed through third-party content, we can better evaluate application risk and design countermeasures. | |
| + | Session Learning Objectives | ||
| + | * Determine the threat posed by third-party content, given trends in Internet content and specific risks associated with each form of third-party content inclusion | ||
| + | * Demonstrate attacks against a live web application that exploit flawed security assumptions in the inclusion of third-party content | ||
| + | * Analyze the effectiveness of various application security countermeasures to combat the threat | ||
| + | * Enable developers and penetration testers to better identify and prevent the risks associated with the use of third-party content in web applications | ||
| − | + | Tom Stripling is a senior application security consultant with an extensive background in web application development, penetration testing, and risk assessment. In his role at Security PS, he helps clients uncover application vulnerabilities and secure the software development process. In his spare time, Tom is an avid researcher of application security attacks, vulnerabilities, and best practices. | |
| + | |||
| + | |||
| + | *We have time for another person to give a brief 15-45 minute presentation on web application security. This can be a technical demonstration, conference review, or open discussion about a web application security topic. Please let me know if you'd like to grab this spot. | ||
| + | |||
| + | |||
| + | Date: November 7, 2007 – 6:00 PM – 7:30 PM | ||
| + | |||
| + | Location: | ||
| + | |||
| + | Centriq Training | ||
| + | |||
| + | 8700 State Line Road | ||
| + | |||
| + | Suite 200 | ||
| + | |||
| + | Leawood, KS 66206 | ||
| + | |||
| + | (913) 322-7000 | ||
| + | |||
| + | http://www.centriq.com/contactus.htm | ||
| + | |||
| + | Thanks to Centriq Training for volunteering to host another one of our chapter meeting. | ||
| + | |||
| + | Attendance of OWASP meetings is free and anyone interested in web application security is welcome to attend. Pass on this meeting announcement to anyone else that would benefit from joining us. | ||
| + | |||
| + | |||
| + | Please note: | ||
*Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security | *Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security | ||
*No registration is required, although RSVPs to the [[User:bkmarshall|chapter leader]] are appreciated | *No registration is required, although RSVPs to the [[User:bkmarshall|chapter leader]] are appreciated | ||
Revision as of 16:53, 22 October 2007
OWASP Kansas City
Welcome to the Kansas City chapter homepage. If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader Bruce K. Marshall
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Upcoming Meetings
I am pleased to announce that the details for our next OWASP Kansas City chapter meeting have been finalized. We will get together on Wednesday, November 7th starting at 6:00 PM and finishing around 7:30 PM. Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers.
Here is the presentation planned for this meeting:
Speaker: Tom Stripling, CISSP on The Dangers of Third-Party Content
It is now commonplace for web applications to include content from other sites, partners, and advertisers. If this content isn’t handled correctly, applications are left vulnerable to attack. By examining a variety of attacks that can be executed through third-party content, we can better evaluate application risk and design countermeasures.
Session Learning Objectives
- Determine the threat posed by third-party content, given trends in Internet content and specific risks associated with each form of third-party content inclusion
- Demonstrate attacks against a live web application that exploit flawed security assumptions in the inclusion of third-party content
- Analyze the effectiveness of various application security countermeasures to combat the threat
- Enable developers and penetration testers to better identify and prevent the risks associated with the use of third-party content in web applications
Tom Stripling is a senior application security consultant with an extensive background in web application development, penetration testing, and risk assessment. In his role at Security PS, he helps clients uncover application vulnerabilities and secure the software development process. In his spare time, Tom is an avid researcher of application security attacks, vulnerabilities, and best practices.
- We have time for another person to give a brief 15-45 minute presentation on web application security. This can be a technical demonstration, conference review, or open discussion about a web application security topic. Please let me know if you'd like to grab this spot.
Date: November 7, 2007 – 6:00 PM – 7:30 PM
Location:
Centriq Training
8700 State Line Road
Suite 200
Leawood, KS 66206
(913) 322-7000
http://www.centriq.com/contactus.htm
Thanks to Centriq Training for volunteering to host another one of our chapter meeting.
Attendance of OWASP meetings is free and anyone interested in web application security is welcome to attend. Pass on this meeting announcement to anyone else that would benefit from joining us.
Please note:
- Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security
- No registration is required, although RSVPs to the chapter leader are appreciated
- Professionals with CISSPs, or other certifications, can earn CPE credits by attending
We meet at least once a quarter to discuss application security. If you have an interesting topic you'd like to present or discuss at future meetings, please send an email to bmarshall[at]securityps com. Or, get a discussion going by posting a message to our mailing list.
Past Meetings
Thanks to the speakers for sharing with us at our past chapter meetings. Any presentation handouts or associated documents are shared through the following meeting summaries:
