[Owasp-london] Agenda for the meeting on April 3rd

[Ivan Ristic]

Dear OWASP London subscribers,

Our next meeting will take place on Thursday, April 3rd, at the Auriol
Kensington Rowing Club. Follow the link below for more information how
to get there:

   http://www.akrowing.com/page.php?page=findus

The official part will run between 7pm and 9pm, with half an
hour between and after for socialising (the whole event thus
beginning at 6:30pm and ending at 9:30pm).

We are lucky to have three interesting speakers tonight, whose
talks' summaries are below. We will also have a short discussion
at the end, the topic of which I will introduce in a separate email.

- PHP Code Analysis: Real World Examples (David Kierznowski)

   We delve beyond register_globals and analyse real world examples
   of insecure PHP applications.

- Abusing PHP sockets for fun and profit (Rodrigo Marcos)

   PHP (PHP: Hypertext Preprocessor) is a server-side HTML embedded
   scripting language which provides web developers with a full suite of
   tools for building dynamic websites. PHP socket library implements a
   low-level interface to the socket communication functions based on the
   popular BSD sockets. This presentation will focus on the use of PHP
   socket library from an offensive point of view, demonstrating
   interesting and creative vectors of attack.

- Web Application Security Badges (Colin Watson)

   Web site and web application operators can apply to third party
   organisations to request their seal of approval that the web site is
   safe from hackers.  These security seals are part of a broad
   collection of badges that web sites can display, but what are they
   testing, should consumers trust them and how do you compare one with
   another?

I am looking forward to seeing many of you again.

--
Ivan Ristic