This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Minneapolis St Paul"

From OWASP
Jump to: navigation, search
(OWASP Chapter meeting)
(Topic overview:)
Line 1: Line 1:
 
'''Bruce Schneier will be presenting on "The Economics of Information Security" at OWASP's January meeting. Because we expect this to be a large meeting RSVPs are required. You will be sent a confirmation e-mail and a reminder e-mail for the event.'''  
 
'''Bruce Schneier will be presenting on "The Economics of Information Security" at OWASP's January meeting. Because we expect this to be a large meeting RSVPs are required. You will be sent a confirmation e-mail and a reminder e-mail for the event.'''  
 
   
 
   
== Topic overview: ==
+
<h3>Robert Hansen will be presenting on "Web Application Security Scanners - why I don't use them (at least not all the time)" at OWASP's Febuary meeting.</h3>
 
   
 
   
'''The Economics of Information Security - Ten Trends '''
+
<h2>Topic overview:</h2>
+
 
Surveying  current trends in information security, it's clear that a myriad of forces are at work.Fundamentally, security is all about economics: both attacker and defender are trying to maximize the return on their investments. Understanding economics is critical to understanding IT security; it explains why security fails so often, and can offer new solutions for security success. For example, often the people who could protect a system are not the ones who suffer the costs of failure. Changing those economic incentives will do more to improve security than  technology.
+
<p>
 +
In an effort to commoditize the application security space there has been a push towards automated scanners.  The speech will cover all sorts of issues regarding scanner technology, in what areas scanners leave much to be desired and ultimately what they are good at.</p>
 +
 
 +
<p>
 +
Speaker Bio:
 +
Robert Hansen (CEO, Founder [http://www.sectheory.com SecTheory]): Mr. Hansen (CISSP) has worked for Digital Island, Exodus Communications and Cable & Wireless in varying roles from Sr. Security Architect and eventually product managing many of the managed security services product lines. He also worked at eBay as a Sr. Global Product Manager of Trust and Safety, focusing on anti-phishing, anti-DHTML malware and anti-virus strategies. Later he worked as a director of product management for Realtor.com. Robert previously sat on the technical advisory board of ClickForensics and currently contributes to the security strategy of several startup companies.</p>
  
'''Event Sponsors'''
+
<p>  
<table width="100%">
+
Mr. Hansen authors content on  [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.darkreading.com%2Fblog.asp%3Fblog_sectionid%3D403&id=preview Dark Reading] and co-authored [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.amazon.com%2FCross-Site-Scripting-Attacks-Exploits%2Fdp%2F1597491543&id=preview XSS Exploits] by Syngress publishing. He sits on the [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fsamate.nist.gov%2Findex.php%2FWeb_Application_Scanner_Focus_Group&id=preview NIST.gov] Software Assurance Metrics and Tool Evaluation group focusing on web application security scanners and the Web Application Security Scanners Evaluation Criteria ([http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.webappsec.org%2Fprojects%2Fwassec%2F&id=preview WASC-WASSEC]) group. He also speaks at Toorcon, APWG, ISSA, OWASP/WASC, Microsoft's Bluehat, Blackhat and Networld+Interop. Mr. Hansen is a member of [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.infragard-texas.us%2F&id=preview Infragard], [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.austin-chamber.org%2F&id=preview Austin Chamber of Commerce], [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.westaustinrotary.org%2F&id=preview West Austin Rotary], [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.webappsec.org%2F&id=preview WASC], [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.iacsp.com%2F&id=preview IACSP], [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.antiphishing.org%2F&id=preview APWG], he is the Industry Liaison for the [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Faustinissa.org%2F&id=preview Austin ISSA ] and contributed to the [http://rs6.net/tn.jsp?t=omebejcab.0.0.h86lyobab.0&p=http%3A%2F%2Fwww.owasp.org%2F&id=preview OWASP 2.0 guide].</br><br>
<tr>
 
<td>
 
[http://www.owasp.org/index.php/Main_Page http://blogs.owasp.org/dacort/wp-content/themes/default/images/ologo.gif]<br>
 
OWASP
 
</td>
 
<td>
 
[http://www.go-integral.com http://www.go-integral.com/files/integral_logo.png]
 
</td>
 
<td>
 
[http://www.umn.edu http://www.utmem.edu/MSCBS/images/UMN%20Logo.jpg]<br>
 
University of Minnesota
 
</td>
 
<td>[http://www.strategicit.org http://ccdc.minnesota.edu/images/csits-logo.gif]
 
</td>
 
</tr>
 
</table>
 
  
 
==OWASP Chapter meeting==
 
==OWASP Chapter meeting==

Revision as of 03:04, 4 February 2008

Bruce Schneier will be presenting on "The Economics of Information Security" at OWASP's January meeting. Because we expect this to be a large meeting RSVPs are required. You will be sent a confirmation e-mail and a reminder e-mail for the event.

Robert Hansen will be presenting on "Web Application Security Scanners - why I don't use them (at least not all the time)" at OWASP's Febuary meeting.

Topic overview:

In an effort to commoditize the application security space there has been a push towards automated scanners. The speech will cover all sorts of issues regarding scanner technology, in what areas scanners leave much to be desired and ultimately what they are good at.

Speaker Bio: Robert Hansen (CEO, Founder SecTheory): Mr. Hansen (CISSP) has worked for Digital Island, Exodus Communications and Cable & Wireless in varying roles from Sr. Security Architect and eventually product managing many of the managed security services product lines. He also worked at eBay as a Sr. Global Product Manager of Trust and Safety, focusing on anti-phishing, anti-DHTML malware and anti-virus strategies. Later he worked as a director of product management for Realtor.com. Robert previously sat on the technical advisory board of ClickForensics and currently contributes to the security strategy of several startup companies.

Mr. Hansen authors content on Dark Reading and co-authored XSS Exploits by Syngress publishing. He sits on the NIST.gov Software Assurance Metrics and Tool Evaluation group focusing on web application security scanners and the Web Application Security Scanners Evaluation Criteria (WASC-WASSEC) group. He also speaks at Toorcon, APWG, ISSA, OWASP/WASC, Microsoft's Bluehat, Blackhat and Networld+Interop. Mr. Hansen is a member of Infragard, Austin Chamber of Commerce, West Austin Rotary, WASC, IACSP, APWG, he is the Industry Liaison for the Austin ISSA and contributed to the OWASP 2.0 guide.</br>

OWASP Chapter meeting

DATE: February 11th 2008 TIME: 6 p.m.

Please RSVP for the meeting. You will be sent a confirmation e-mail and a reminder e-mail for the event. OWASP Chapter meeting DATE: Febuary 11th TIME: 6 p.m. LOCATION: Gourmet Dinning Room MnScu Technology Building (T), Minneapolis Campus Address:

Directions:

http://www.metrostate.edu/bldgservices/maps/mpls_map.pdf

RSVP:

http://www.go-integral.net/?q=OWASPJan_BruceSchneier

Agenda February 11 2008

6:00pm - Introduction and optional sign-in for CISSP credits.
6:10pm - Welcome: OWASP chapter updates (Kuai Hinojosa).
6:30pm - Web Application Security Scanners - why I don't use them "at least not all the time"(Robert Hansen).
7:55pm - Book Giveaway
8:00pm - Upcoming Events reminder and meeting wrap-up


Our first OWASP meeting of the year was a great success. We have many exciting and nationally well know speakers on the topic of Application Security lined up for future meetings. This meeting should be another great meeting. We've also lined up an interview of Robert Hansen on Future Tense so be sure to listen. Sincerely,


Kuai Hinojosa

OWASP Chapter Leader