[Owasp-losangeles] Two Days Until OWASP LA May Meeting and Win A Free Pass to ISSA LA Security Summit

Tin Zaw tin.zaw at owasp.org
Mon May 23 15:51:55 EDT 2011 

Dear OWASP Friends,

Just a little reminder that we have May meeting this Wednesday at 7PM
at Symantec in Culver City. Please register for the event if you have
not already so we can have enough food for everyone.

At most security conferences, we talk about how software sucks without
offering much remedy. This talk focus on how we can make software suck
less, without interfering with how we make software. Please bring your
developer and QA friends.

We are also giving away a free pass to ISSA LA Security Summit, to be
held on UCLA campus on June 15. See below for details.

I hope to see many of you on Wednesday.

Thanks!

--

Topic: Automated Detection of Security Flaws in Ruby on Rails Code

Ruby on Rails is a popular web framework which is rapidly being
adopted by companies. While Ruby is a very dynamic language, Rails’
adherence to the concept of “convention over configuration” has made
it possible to create a capable, open source static analysis tool
called “Brakeman” for finding security vulnerabilities at the source
code level. Hudson – recently renamed Jenkins – is a continuous
integration system which can be configured to run and monitor a wide
variety of jobs. This talk will focus on the advantages of using
static analysis for discovering security issues, and demonstrate how
easy it is automatically monitor vulnerabilities in Ruby on Rails
applications during all stages of development using Brakeman and
Jenkins.

Speaker: Justin Collins

Justin is a Security Engineer at AT&T Interactive and a PhD candidate
in Computer Science at UCLA. He wrote and published Brakeman, security
code analyzer for Ruby on Rails code, which is available on GitHub.

RSVP via http://www.owaspLA.org or http://owasp-may2011.eventbrite.com/

----
Here are some ground rules for the giveaway.

1. The pass is for the conference on June 15, not valid for the training.
2. You must be present during the drawing at the meeting to win.
3. You must register individually for the meeting (via Eventbrite) by
the noon of the meeting day.
4. It is not transferrable. We will register your name with the
conference. If you cannot make it, please let us know.

More information on the conference can be found at
http://www.issa-la.org/2011-security-summit-home-page/.

More information about the Owasp-losangeles mailing list