This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Tampa

From OWASP
Revision as of 13:06, 24 June 2010 by Jmorehouse (talk | contribs) (Next Meeting)

Jump to: navigation, search

Welcome to the OWASP Tampa Local Chapter

<paypal>Tampa</paypal>

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa

If you have any questions about the Tampa chapter, please send an email to the chapter leader Justin Morehouse.

The Tampa chapter is sponsored by FYRM Associates.

Join the OWASP Tampa LinkedIn group here.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Next Meeting

Our 2010-Q2 meeting will be on a Wednesday, June 30th from 6pm to 8pm. Tony Flick and Justin Morehouse will be presenting their 2010 ShmooCon talk, "Stealing Guests...The VMware Way."

During this talk, we'll reveal how to steal VMware guests from within other guests using the vulnerability we identified in CVE-2009-3733. Quick and dirty... we'll discuss how we stumbled upon the vulnerability, determined its capabilities, and its potential implications to virtualization...complete with a live demonstration. Bring your own notebook for hands-on goodness.

They will also be previewing their DEF CON 18 talk, "Getting Social with the Smart Grid."

Littered with endless threats and vulnerabilities surrounding both social networking and the Smart Grid, the marriage of these two technologies is official, despite protests by the security community. Consumers love it because they can brag to their friends about how green they are. Businesses love it more because it provides fresh material for their marketing departments. Hackers love it the most because it opens up attack vectors, both new and old.
<blockquoteDuring this presentation we dissect readily available social Smart Devices, examining where they get things right, and where they fail. We expand on the failures, discussing and demonstrating attacks against consumers (think PleaseRobMe.com), the Smart Devices themselves, and the social networking sites they communicate with. We want consumers, device manufactures, and social networking sites to understand how to get social with the Smart Grid securely, and prevent social networking privacy from becoming even more complex. The tools we release during this presentation will allow consumers to review their Smart Devices' social footprint, and provide device manufacturers with recommendations that can be implemented immediately. Attendees will leave our presentation armed with a deep understanding of the strengths and weaknesses of social Smart Devices, how to attack their current weaknesses and leverage their current strengths, and utilize our tools to further research how we all can better secure the social side of the Smart Grid. </blockquote>

Please RSVP to the Chapter Leader by Tuesday, June 29 so that you will be added to the security list.

Meeting Location

We meet quarterly at the Kforce building in Ybor. The address is:

1001 East Palm Ave. Tampa, FL 33605

Park in the Visitor spaces in the main parking lot that is off of East Palm Avenue. You will need to identify yourself at the security desk and ask how to get to Training Room B.

Presentation Archives

2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here.

2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here.

2009-Q2 - Open SAMM - Zate Berg - Presentation slides here.

2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here.

2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here.