[Owasp-twincities] June 20 meeting, open source tools, Fortify, AppSec Europe, pizza
Robert Sullivan
msp.sullivan at gmail.com
Fri Jun 9 00:59:42 EDT 2006
Here is the agenda for our June meeting.
Please pass this on, especially to professionals who have the challenging
task of doing security testing on a shoestring budget.
Date: June 20 Location: Metro State University, MPLS
*Agenda*:
6:00pm - Food, Introduction and optional sign-in for CISSP credits.
6:10pm - Metropolitan State University programs
6:15pm - Open Source Security Testing Tools, (Tim McGuire, see below)
7:00pm - Fortify, a commercial source code analysis tool (Joe Teff, see
below)
7:30pm - Report on AppSec Europe 2006 (pending presenter confirmation)
7:45pm - What's new in WebGoat 4.0 (Bob Sullivan)
*Location*:
Metro State,
Management Education Center, 1300 Harmon Place for June 20th.
room M.1500 or M.1700 look for the event titled:
"Open Web Security Meeting"
*Directions*:
http://www.metrostate.edu/facilities/mpls.html
Link to building location:
http://www.metrostate.edu/images/facilities/com.gif
Rooms are on first floor of the Management Education Center.
They are really nice rooms with very comfortable chairs.
Street parking is free after 6 pm.
If you get there early it's just a $.25 for a half hour.
There is also a ramp which is $5.00.
*Food*:
Lorna will bring pizza and pop.
*Open Source Tools Presentation*
Tim McGuire – Consultant
Will present: Selected open source web application security testing tools.
Tim will demonstrate these tools:
1) Using Gforge, a fat target for security scanning. It uses CVS module,
file uploads, email and SOAP.
2) Using Wikto, a Web Server Assesment Tool
3) Using and customizing WSFuzzer, a penetration testing tool that audits
HTTP based SOAP targets.
4) Using Oedipus, a web application scanner written in Ruby.
5) Using and customizing Rats, a source code scanner.
6) Using and customizing spike proxy, a HTTP proxy for finding security
flaws in web sites.
*Fortify, a commercial source code analysis tool
*Joe Teff, Wells Fargo
Fortify Source Code Analysis Suite is a set of industry-proven tools that
enables you to find, track, and fix security vulnerabilities in your
software applications. Fortify is built to work with your development and
audit tools and processes.
Joe will demonstrate how to use the tool to find source code
vulnerabilities.
Check the meeting posting at
http://www.owasp.org/index.php/Minneapolis_St_Paul for more detail about
the presenters.
Thanks to the folks at Metropolitan State U for the room and Integral
Business solutions for the food.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-twincities/attachments/20060608/18c0455c/attachment.html
More information about the Owasp-twincities
mailing list