This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Sacramento"

From OWASP
Jump to: navigation, search
(update owaspslack.com url)
 
(46 intermediate revisions by 9 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Sacramento|extra=The chapter leaders are [mailto:[email protected] Roman Hustad] and [mailto:[email protected] Matt Petteys].
+
== Welcome to the OWASP Sacramento Chapter! ==
<paypal>Sacramento</paypal>
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-sacramento|emailarchives=http://lists.owasp.org/pipermail/owasp-sacramento}}
 
  
== Charter ==
+
[[File:OWASPSacramento-Banner.png|Banner|none|right]]
The Sacramento OWASP Chapter promotes the [[About_The_Open_Web_Application_Security_Project|principles of OWASP]] in our local community with an emphasis on education, local networking opportunities, and fun.  Meetings are typically on the last Thursday evening of the month.
 
  
== December 9, 2009, 6-8 pm: The OWASP .NET ESAPI Project ==
 
  
Pizza and drinks will be provided by the chapter.
+
{{Chapter Template|chaptername=Sacramento|extra=
 +
We are a bunch of Application Security professionals and amateurs dedicated to learning, teaching, and sharing our experience in the Security Community. All meetings are free, oriented towards knowledge sharing and practical learning, and of course, having lots of fun!
  
* TOPIC:  
+
The current leaders are [mailto:[email protected] Joubin Jabbari] and [mailto:[email protected] Chad Hollman]! Ping them if you have any questions or suggestions!
  
The Enterprise Security Application Programming Interface, or [[ESAPI]], is a one-stop security shop for developers looking to implement security mechanisms in their code. The brainchild of Jeff Williams, one of the founders of OWASP, the ESAPI is an open source project that has gained traction with organizations looking to implement secure applications using tried and tested code that is also well organized and consistent. It includes functionality for validating and encoding data, authenticating and authorizing users, logging, error handling, and more. The API includes a Java reference implementation that can be extended to allow any organization to integrate security functionality into their Java/JEE applications.
+
== Get Involved ==
  
But what about .NET? Many organizations are banking on the powerful Microsoft programming framework to help them deliver robust and secure software. However, like Java, .NET tends to leave it up to the end-user programmers to get security code right. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.
+
There are many ways to get involved, here are some easy ways to start so we can build this community.  
  
This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.
+
* [https://twitter.com/OWASPSacramento @OWASPSacramento]: You can follow us on Twitter
 +
* [https://www.meetup.com/OWASP-Sacramento-Chapter/ OWASP Sacramento Meetup]: Meet us on Meetup. We will share our events here!
 +
* [http://owaspslack.com Join us on Slack]: Once signed in, you can hang out with us on #chapter-sacramento
  
 +
== Events ==
 +
We are restarting this chapter, so bear with us while we get a venue and some presentation material. If you'd like to present, or can host us, please contact the chapter leads.
 +
}}
  
* SPEAKER:
 
  
Alex Smolen is a former Software Security Consultant at Foundstone, where he provided security consulting services to clients to help find, fix, and prevent security vulnerabilities in enterprise software. His duties include threat modeling, code review, penetration testing, and secure software development lifecycle (S-SDLC) design and implementation. He is also an instructor for the Writing Secure Code, Building Secure Software, and Ultimate Web Hacking courses.
+
[[Category:OWASP Chapter]]
 
 
Alex has been working in software development for a decade and has participated in and led several development projects in ASP.NET, Java, and Ruby on Rails. His primary interests include the integration of security into software development life cycles, evaluating the business impact of information security, and the security of emerging technologies. Alex is a contributing member of the software security community and has participated in several open-source security projects.
 
 
 
Prior to Foundstone, Alex was the Security Solutions Manager at Parasoft Corporation, where he led the development of tools and methodologies for helping clients ensure application security from the ground up.  He is currently pursuing a graduate degree at UC Berkeley and holds a BS in Electrical Engineering and Computer Science.
 
 
 
Alex is one of 24 recipients worldwide of the Microsoft MVP Award for Visual Developer and is the the author of the Hacme Casino security training application.
 
 
 
 
 
* LOCATION INFORMATION:
 
 
 
Please [http://fs17.formsite.com/rhustad/form444133929/index.html RSVP] for this event. Upon arriving at the main entrance, please ask for Robert Grill, office: 916-636-4392, cell: 916-997-9892. Any problems, please contact Roman Hustad, 916-402-0620
 
*: EDS Medi-Cal [http://maps.google.com/maps?f=q&hl=en&geocode=&q=%3D3215+Prospect+Park+Drive,Rancho+Cordova,+CA+95670&sll=37.0625,-95.677068&sspn=51.443116,107.753906&ie=UTF8&om=1&ll=38.58885,-121.275437&spn=0.01117,0.019956&t=k&z=16&iwloc=addr (map)] 
 
*: 3215 Prospect Park Drive 
 
*: Rancho Cordova , CA 
 
*: 95670 
 
 
 
 
 
 
 
== Past Meetings ==
 
2009-10-08: Ned Allison chaired a roundtable on "Database Security"
 
 
 
2009-07-30: [mailto:[email protected] Roman Hustad] presented "Hands-on Cross-Site Scripting"
 
 
 
2009-05-12: [mailto:[email protected] Roman Hustad] presented "Hands-on SQL Injection"
 
 
 
2008-10-30: Joy Forsythe from [http://www.fortifysoftware.com Fortify Software] presented "Voting Security."
 
 
 
2008-07-31: [mailto:[email protected] Roman Hustad] presented "How to Test the Security of Web Applications."
 
 
 
2008-06-26: Shan Zhou from [http://www.imperva.com/ Imperva] presented "Database Security."
 
 
 
2008-04-03: Ryan C. Barnett from [http://www.breach.com/ Breach Security] presented "Passive Web Application Defect Identification."
 
 
 
2007-11-29: [mailto:[email protected] Roman Hustad] from [http://www.foundstone.com Foundstone] presented "Web Application Hacking" to over 40 attendees.
 
 
 
2007-08-30: Barmak Meftah from [http://www.fortifysoftware.com Fortify Software] presented "Hack proof your Service-Oriented Architecture" to 15 attendees.
 
 
 
 
 
[[Category:California]]
 

Latest revision as of 04:08, 10 September 2019

Welcome to the OWASP Sacramento Chapter!

Banner


OWASP Sacramento

Welcome to the Sacramento chapter homepage. We are a bunch of Application Security professionals and amateurs dedicated to learning, teaching, and sharing our experience in the Security Community. All meetings are free, oriented towards knowledge sharing and practical learning, and of course, having lots of fun!

The current leaders are Joubin Jabbari and Chad Hollman! Ping them if you have any questions or suggestions!

Get Involved

There are many ways to get involved, here are some easy ways to start so we can build this community.

Events

We are restarting this chapter, so bear with us while we get a venue and some presentation material. If you'd like to present, or can host us, please contact the chapter leads.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG