This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Tampa

From OWASP
Revision as of 22:50, 29 August 2011 by Jmorehouse (talk | contribs)

Jump to: navigation, search

Welcome to the OWASP Tampa Local Chapter

<paypal>Tampa</paypal>

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa

If you have any questions about the Tampa chapter, please send an email to the chapter leader Justin Morehouse.

The Tampa chapter is sponsored by StratumSecurityTampaOWASP.png

Join the OWASP Tampa LinkedIn group here.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Next Meeting

Our next meeting will be held on Tuesday, September 13 from 6 PM to 8 PM. We will be having both a technical AND a management talk. For the technical talk, Ramece Cave will be presenting 'Hiding in Plain Sight: Identification and Analysis of Anomalous Files.' Kate Mullin will be providing the management talk on 'PCI Compliance 2.0.' Their abstracts are below:


Ramece Cave, Hiding in Plain Sight: Identification and Analysis of Anomalous Files

This talk discusses methods for identifying and analyzing content left on compromised servers used for distributing malware or malware related components.

Topics covered in this talk:

  • Common Tools
  • Limitations in Tools
  • Analyzing Files
  • Identifying File Structure
  • Caveats


Kate Mullin, PCI Compliance 2.0
Organizations that have Payment Card Industry Data Security Standard (PCI DSS) requirements are facing challenges related to the new version 2.0 application development requirements. Kate will go over the new requirements as they relate to application development, the new deadlines, and discuss possible approaches. She will also address some of the common misconceptions related to the PCI DSS.


The following is an agenda for our next meeting:

  • 5:45 PM to 6:00 PM - Check-in
  • 6:00 PM to 6:45 PM - Technical Presentation
  • 6:45 PM to 7:00 PM - Break
  • 7:00 PM to 7:45 PM - Management Presentation
  • 7:45 PM to 8:00 PM - Open Discussion Forum


Meeting Location

We meet quarterly at the Kforce building in Ybor. The address is:

1001 East Palm Ave. Tampa, FL 33605

Park in the Visitor spaces in the main parking lot that is off of East Palm Avenue. You will need to identify yourself at the security desk and ask how to get to Training Room B.

Presentation Archives

OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides here

OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides here

OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides here

OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides here

2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides here

2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides here

2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman & Brett McKinney - Presentation Slides here

2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides here

2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse & Tony Flick - Presentation slides here

2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here

2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here

2009-Q2 - Open SAMM - Zate Berg - Presentation slides here

2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here

2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here