[Owasp-new-york] OWASP Upcoming Topics

Tom Brennan tomb at accessitgroup.com
Tue Sep 12 21:41:14 EDT 2006


This email is to update you that of the topics for the final 2 meetings for NJ OWASP see below:

9/25/2006 Meeting (NJIT)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: ENDPOINT CONTROL This talk will focus on basic components/capabilities of controling the endpoints in the network and the developing standards that you should be aware of. Speaker: Larry Fermi 

TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in 3rd party token generation algorithms, session fixation and weaknesses in expiration. Speaker: James Landis 

TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN networks,as well as those without, Wi-Fi brings a new set of security threats that cannot be protected against by your current firewall and VPN security systems. This talk will cover a current wireless computer security vunerability attack vectors and provide a live demo of the problems and the hacks. Round table discussion will follow concerning risk mitigation of the issues for business and personal. Speaker: Anthony Paladino 

TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat = The first version Application Security Testing CD developed with the OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a copy LABRAT <http://www.packetfocus.com/hackos> . Be sure to bring it with you to the event. Speaker: Tom Brennan 

========================================================================
 
 
12/7/2006 Meeting (Jersey City)
 
http://www.owasp.org/index.php/New_Jersey

TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED A view on current state of cyber warfare, counter-terrorism, communications and intelligence. 

Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps 

TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS Got Root? This talk will cover the Open-Source Exploit Framework Metasploit <http://www.metasploit.org/donate.html>  with how-to information and details on using it to exploit authorized systems. Learn tips, tricks 

Speaker: Paul Battista 

TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment gateways give merchants the ability to perform real-time credit card and check authorizations from a website over the Internet. 0-day exploits in the wild will be revealed 

Speaker: Tom Ryan 

TOPIC D: KARMA This presentation will discuss and demonstrate KARMA <http://www.theta44.org/karma/index.html> an open-source assessment framework that demonstrates wireless risk with a modified wireless driver that responds as any network that a client may be looking for, a set of rogue services to capture client credentials, and client-side exploits. Dino will also provide insight into the vulnerabilities revealed in some wireless drivers such as the one demonstrated at BlackHat by David Maynor and Johnny Cache. 

Speaker: Dino Dai Zovi 

TOPIC E: INCIDENT RESPONSE After this meeting you will need to know it ;) 

Our final speaker will cover 7-Things you need to know to respond to respond effectively to a computer security incident at your organization. This talk will cover both wireless, wired and applications. Don't miss this one as a result of this meeting... this information will be very helpful 

Speaker: FBI Special Agent Tim O'Brien 

Unoffical XMas Party ;) DORRIANS <http://www.dorrians.com/jc/priv.html>  Just several doors down from the meeting is DORRIANS, take this time to raise a toast with your peers and plan OWASP talks, elections, locations and speakers for 2007' 

Visit : http://www.owasp.org/index.php/New_Jersey <http://www.owasp.org/index.php/New_Jersey>  for full details


More information about the Owasp-new-york mailing list