This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Minneapolis St Paul"
Webappsecguy (talk | contribs) m (replacing "Minneapolis-St. Paul" with "OWASP Minneapolis-St. Paul" for the full chaptername custom node element.) |
Webappsecguy (talk | contribs) m (Updating Ryan Barnett presentation with agenda and Midwave sponsorship and location.) |
||
Line 25: | Line 25: | ||
==== Upcoming Meetings and Events ==== | ==== Upcoming Meetings and Events ==== | ||
− | === Monday, September 21, 2009 - Ryan Barnett<br/>The Web Hacking | + | === Monday, September 21, 2009 - Ryan Barnett ([http://www.breach.com/ Breach Security, Inc.])<br/>The Web Hacking Incidents Database (WHID) - 2009 Analysis === |
− | '''Room opens | + | '''Date:''' September 21st, 2009 |
+ | |||
+ | '''Location / Venue Sponsor:''' Midwave, 10050 Crosstown Circle, Suite 500, Eden Prairie, MN 55344-3346 | ||
+ | |||
+ | '''Map and Directions:''' [http://www.midwave.com/ContactUs/MapDirections/tabid/170/Default.aspx http://www.midwave.com/ContactUs/MapDirections/tabid/170/Default.aspx] | ||
+ | |||
+ | '''Agenda:''' | ||
+ | |||
+ | '''5:30 PM ''' Room opens for networking | ||
+ | |||
+ | '''6:00 PM''' Welcome: OWASP chapter updates | ||
+ | |||
+ | '''6:30 PM''' Ryan Barnett – '''The Web Hacking Incidents Database (WHID) – 2009 Analysis''' | ||
+ | |||
+ | '''8:00 PM''' - Upcoming events reminder and meeting wrap-up | ||
+ | |||
+ | '''Thank You:''' Midwave for sponsoring this meeting and the meeting location. MN OWASP is currently looking for meeting location suggestions. Please contact Lorna at [mailto:[email protected] [email protected]] or 651-338-0243 if you would like to sponsor a meeting or meeting location for an upcoming OWASP meeting. | ||
''' Preview''' | ''' Preview''' | ||
− | The [http://www.webappsec.org/projects/whid/ Web Hacking | + | The [http://www.webappsec.org/projects/whid/ Web Hacking Incidents Database (WHID)] (MSNBC news segment with WHID splash [http://www.msnbc.msn.com/id/3032619/ns/nightly_news_with_brian_williams-nightly_news_with_brian_williams/#32467751 here]) is a [http://www.webappsec.org/ Web Application Security Consortium] project dedicated to maintaining a list of web application related security incidents. The goal of WHID is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web application security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from the first half of 2009 (January - June) and provide insight into categories such as: 1) Top Attack Methods, 2) Top Compromise Outcomes, 3) Top Target Geographic Region, and 4) Top Vertical Markets Hit. The presenter will also provide some in depth analysis for emerging threats/attack techniques such as planting of malware on websites and reflected cross-site scripting through SQL injection. |
''' Speaker Bio''' | ''' Speaker Bio''' |
Revision as of 06:06, 11 September 2009
OWASP OWASP Minneapolis-St. Paul (OWASP MSP)
Welcome to the OWASP Minneapolis-St. Paul (OWASP MSP) chapter homepage. The chapter president is Kuai Hinojosa and the transitional president is Adam Baso.
The OWASP Minneapolis-St. Paul (OWASP MSP) chapter held an afternoon of information security presentations on August 24, 2009 at the St. Paul Student Center Auditorium/Theater on the University of Minnesota - Twin Cities campus. Audio, video, and slides to be posted soon.
Up Next: Monday, September 21, 2009 - Ryan Barnett: The Web Hacking Incident Database (WHID) - 2009 Analysis (room opens at 5:30 PM Central Time, speaker at 6:30 PM Central Time, meeting location TBD) - see below for details
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Sponsorship/Membership
<paypal>Minneapolis St Paul</paypal>
Or consider the value of Individual, Organization, or Accredited University Supporter membership to contribute to better application security in the Minneapolis-Saint Paul area, surrounding Twin Cities metropolitan region, greater Minnesota, and the global software community.
Platinum Sponsors
The OWASP MSP chapter is very thankful for
- generous financial support from Organization Supporter and Local Chapter Supporter Best Buy.
- reliable monthly meeting locations from Local Chapter Supporter Center for Strategic Information Technology and Security (MnSCU).
- sustained booth sponsorship, monthly meeting sponsorship, and more from Local Chapter Supporter Integral.
Meetings and More
Upcoming Meetings and Events
Monday, September 21, 2009 - Ryan Barnett (Breach Security, Inc.)
The Web Hacking Incidents Database (WHID) - 2009 Analysis
Date: September 21st, 2009
Location / Venue Sponsor: Midwave, 10050 Crosstown Circle, Suite 500, Eden Prairie, MN 55344-3346
Map and Directions: http://www.midwave.com/ContactUs/MapDirections/tabid/170/Default.aspx
Agenda:
5:30 PM Room opens for networking
6:00 PM Welcome: OWASP chapter updates
6:30 PM Ryan Barnett – The Web Hacking Incidents Database (WHID) – 2009 Analysis
8:00 PM - Upcoming events reminder and meeting wrap-up
Thank You: Midwave for sponsoring this meeting and the meeting location. MN OWASP is currently looking for meeting location suggestions. Please contact Lorna at [email protected] or 651-338-0243 if you would like to sponsor a meeting or meeting location for an upcoming OWASP meeting.
Preview
The Web Hacking Incidents Database (WHID) (MSNBC news segment with WHID splash here) is a Web Application Security Consortium project dedicated to maintaining a list of web application related security incidents. The goal of WHID is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web application security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from the first half of 2009 (January - June) and provide insight into categories such as: 1) Top Attack Methods, 2) Top Compromise Outcomes, 3) Top Target Geographic Region, and 4) Top Vertical Markets Hit. The presenter will also provide some in depth analysis for emerging threats/attack techniques such as planting of malware on websites and reflected cross-site scripting through SQL injection.
Speaker Bio
Ryan Barnett is the Director of Application Security Research at Breach Security where he leads Breach Security Labs. He is a Member of the Web Application Security Consortium (WASC) where he leads the Distributed Open Proxy Honeypot Project. He is also the leader of the OWASP ModSecurity Core Rule Set (CRS) Project (Category:OWASP ModSecurity Core Rule Set Project) which provides web application firewall rules to the public. Mr. Barnett is a frequent speaker at industry conferences such as Black Hat and he has also authored a web security book for Pearson Publishing titled Preventing Web Attacks with Apache.
Stay Updated
Click here to join the local chapter mailing list
Follow OWASP MSP on your favorite social media sites:
Share OWASP MSP on your favorite social media sites:
Secure360
Secure360 is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital.
DC612 Meetings
DC612 meets the 2nd Thursday of the month
http://www.dc612.org/
Video/Audio/Slides/Handouts
Videos of several past meetings are available at https://www.owasp.org/index.php/Category:OWASP_Video#Videos
Most Recent Content
Robert Sullivan - Open This First: A job-oriented guide to software security resources - OWASP (MSP) - 27 July 2009 (68 minutes) MP3 | PDF | MP4...please right click and save | More Material
Cassio Goldschmidt - Tracking the Progress of an SDL Program: Lessons from the Gym - OWASP (MSP) - 29 June 2009 (55 minutes) Slidecast | MP3 | PPTX | MP4...please right click and save
Gunnar Peterson - OWASP Top Ten Web Services - OWASP (MSP) - 27 April 2009 (1 hour, 27 minutes) MP4...please right click and save | Slides Forthcoming
Dan Cornell - Vulnerability Management in an Application Security World - OWASP (MSP) - 16 March 2009 (1 hour, 52 minutes) Google Video | PDF
Rick Ensenbach - Proactive Lifecycle Security Management - OWASP (MSP) - 16 February 2009 (69 minutes) Part 1 Google Video | Part 2 Google Video | PPT | Handout: Service/System Security Plan template (DOC)
Previous Events
OWASP Minneapolis-St. Paul 2009 Half Day Conference - August 24, 2009
Thanks again for another year to all who joined us for an afternoon of information security presentations on August 24, 2009 at the St. Paul Student Center Auditorium/Theater on the University of Minnesota - Twin Cities campus. Audio, video, and slides to be posted soon.
OWASP & FLOSS Application Security Mini-Conference 2008 - October 21, 2008
Thanks to all who joined us on October 21, 2008 for a mini conference in October 2008 at University of Minnesota's Saint Paul campus. Our first conference was a great success, with around 150 people attending! We were fortunate to have even higher attendance in 2009.
Chapter Leaders/Contacts
President: Kuai Hinojosa
Transitional President: Adam Baso
Vice President: Lorna Alamri
Board Member and Former OWASP MSP President: Robert Sullivan
Board Member: David Bryan
Board Member: Joe T