[Owasp-new-york] OWASP Upcoming Topics
tomb at accessitgroup.com
Tue Sep 12 21:41:14 EDT 2006
This email is to update you that of the topics for the final 2 meetings for NJ OWASP see below:
9/25/2006 Meeting (NJIT)
TOPIC A: ENDPOINT CONTROL This talk will focus on basic components/capabilities of controling the endpoints in the network and the developing standards that you should be aware of. Speaker: Larry Fermi
TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in 3rd party token generation algorithms, session fixation and weaknesses in expiration. Speaker: James Landis
TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN networks,as well as those without, Wi-Fi brings a new set of security threats that cannot be protected against by your current firewall and VPN security systems. This talk will cover a current wireless computer security vunerability attack vectors and provide a live demo of the problems and the hacks. Round table discussion will follow concerning risk mitigation of the issues for business and personal. Speaker: Anthony Paladino
TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat = The first version Application Security Testing CD developed with the OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a copy LABRAT <http://www.packetfocus.com/hackos> . Be sure to bring it with you to the event. Speaker: Tom Brennan
12/7/2006 Meeting (Jersey City)
TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED A view on current state of cyber warfare, counter-terrorism, communications and intelligence.
Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps
TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS Got Root? This talk will cover the Open-Source Exploit Framework Metasploit <http://www.metasploit.org/donate.html> with how-to information and details on using it to exploit authorized systems. Learn tips, tricks
Speaker: Paul Battista
TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment gateways give merchants the ability to perform real-time credit card and check authorizations from a website over the Internet. 0-day exploits in the wild will be revealed
Speaker: Tom Ryan
TOPIC D: KARMA This presentation will discuss and demonstrate KARMA <http://www.theta44.org/karma/index.html> an open-source assessment framework that demonstrates wireless risk with a modified wireless driver that responds as any network that a client may be looking for, a set of rogue services to capture client credentials, and client-side exploits. Dino will also provide insight into the vulnerabilities revealed in some wireless drivers such as the one demonstrated at BlackHat by David Maynor and Johnny Cache.
Speaker: Dino Dai Zovi
TOPIC E: INCIDENT RESPONSE After this meeting you will need to know it ;)
Our final speaker will cover 7-Things you need to know to respond to respond effectively to a computer security incident at your organization. This talk will cover both wireless, wired and applications. Don't miss this one as a result of this meeting... this information will be very helpful
Speaker: FBI Special Agent Tim O'Brien
Unoffical XMas Party ;) DORRIANS <http://www.dorrians.com/jc/priv.html> Just several doors down from the meeting is DORRIANS, take this time to raise a toast with your peers and plan OWASP talks, elections, locations and speakers for 2007'
Visit : http://www.owasp.org/index.php/New_Jersey <http://www.owasp.org/index.php/New_Jersey> for full details
More information about the Owasp-nynjmetro