This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Kansas City

Revision as of 17:05, 22 August 2007 by Bkmarshall (talk | contribs)

Jump to: navigation, search

{Bold text{Chapter Template|chaptername=Kansas City|extra=If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader Bruce Marshall|mailinglistsite=}}

Upcoming Meetings

The next Kansas City chapter meeting will take place on September 6, 2007 from 6:00 PM to 8:30 PM CDT. Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers.

September 6 Meeting

Speaker 1: Bob Phelps, National Bank Examiner with the Office of the Comptroller of the Currency (OCC)

Bob will provide his insight on the financial regulatory environment and how laws lead to specific information security standards and guidance. Through his job he has performed a review of application security practices in about a dozen midsize and large banks. Bob will share the results of this review and provide his recommendations on how to establish a sound application security management program.

At the OCC Bob both works with the Policy division in Washington DC and has bank supervisory responsibilities. He leads and participates in examinations of National Banks in NYC, KC, Omaha, and Minneapolis. His Policy responsibilities include evaluating emerging technologies and their impact on the banking system, evaluating trends in information security, and developing and delivering various training programs to other examiners.

Speaker 2: Bruce K. Marshall, Senior Security Consultant with Security PS

Bruce will be speaking about how to avoid improperly using challenge questions (e.g. “What is your pet’s name?”) for web app authentication. While challenge questions tend to be user friendly they can also expose your application to new security threats. He will share his experience on both choosing the best challenge questions and how to properly integrate them into your application.

Bruce consults with clients like American Express, Garmin, Microsoft, and Commerce Bank to assess and improve their information security strategies in areas like network security, web app security, authentication, and program management.

Location: Centriq Training 8700 State Line Road Suite 200 Leawood, KS 66206 (913) 322-7000 [1]


  • Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security
  • No registration is required, although RSVPs to the chapter leader are appreciated
  • Professionals with CISSPs, or other certifications, can earn CPE credits by attending

We meet at least once a quarter to discuss application security. If you have an interesting topic you'd like to present or discuss at future meetings, please send an email to bmarshall[at]securityps com. Or, get a discussion going by posting a message to our mailing list.

Past Meetings

Thanks to the speakers and attendees at our past meetings: