[Owasp-london] Final Reminder/Changes to the night - Next London OWASP meeting Thursday the 9th of July, at Barclays in Canary Wharf

Justin Clarke justin.clarke at owasp.org
Fri Jul 3 17:01:20 EDT 2009 

* Note we have a couple of changes for the evening. Both Dinis and myself
will be in the US next week, and as such we have a change to the talks on
the evening (we'll reschedule Dinis's talk for a future meeting). Also,
Colin Watson will be stepping in to run this particular chapter meeting on
the night *


This is the final reminder for the forthcoming OWASP London chapter meeting
to be held on July 9th (Thursday), at 6:30pm-8:30pm (show up at venue
between 6pm-6:30pm).

We're at the same location as the last meeting, however in a different room
this time, at Barclays who have kindly agreed to sponsor the evening:

Barclays, Rooms 42/43, One Churchill Place, London E14 5HP

As last time, we should have plenty of time to talk and network, and should
have some time after the talks to have some more chatting time as well.

If you are planning to attend please RSVP. As mentioned at the last meeting,
we're trialling an event signup system, so please RSVP at
http://owasp-london.eventbrite.com. Note, please enter your real name, as
this will be given to Barclays building security to ensure you are let into
the building.

Also, if you are no longer able to attend, please email Justin at
justin.clarke at owasp.org so your space can be released for someone else.

* Auditing C# Code - Ilja van Sprundel

In this presentation, Ilja van Sprundel, Principal Consultant at IOActive,
will discuss reviewing C# code, specifically C# code used for ASP.NET. He
will cover entrypoints, exit points, .NET input validators, corner cases of
API's, integer rules, managed vs unmanaged code, the garbage collector,
exception handling issues, XSS cases, SQL Injection bugs, XML handling
issues and usage of Anti-XSS.

* The Ultimate IDS Smackdown - How red vs. blue situations can influence
more than one might assume - Mario Heiderich and Gareth Heyes

The talk is a vector and coding showdown between the lead dev of the PHPIDS
and one of its most determined challengers trying and managing to break it
wherever possible. Expect a bloody battle between security researchers and
developers without limits, regular expression magic against code obfuscation
excellence leading to an interesting result about vs-situations in software
development and IT security.

Speakers

* Mario Heiderich - I am Mario Heiderich, cologne based CTO for an online
enterprise based in Cologne and New York. I was visitor and speaker on
several OWASP conferences, maintain the PHPIDS and other security related
projects and recently authored a German book on Web Security together with
Christian Matthies, fukami and Johannes Dahse. I am currently into browser
security, broken markup, client side attacks and digging the HTML5
specifications.

* Gareth Heyes - I'm from the UK and I like hacking javascript and XSS
filters. I am not a security expert, in fact I'm the anti-security expert.
Don't expect statistics from me, I like vectors and interesting code. I
authored Hackvertor and many other security related tools.

As always, the details and schedule for the night will be available on the
chapter page ( https://www.owasp.org/index.php/London ).

See you there!

Justin Clarke

More information about the Owasp-london mailing list