[OWASP-Alabama] Meeting Overview, Expectations for Next Meetings

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Mon Jan 30 17:29:02 UTC 2017


Meeting Outline, Notes Etc.

* Introductions, Hello .

* Goals of Chapter - Reviewed. Past, Present, Future. 

* Technical
- Everyone Share some form of the following..

* Tools - What do you use for x,y,z?
* Process - How do you use these tools and techniques?
* Security, Politics, Assurance
* Book Recommendations
* Assessment Basics
* Advanced Assessment Topics
* Assessing Modern Frameworks - https://www.ruhrsec.de/2017


*Next Meeting - 3rd Thursday of Every Month.


//  Meeting discussion points
* Should we get a "rockstar" flown in from some other place to encourage
membership.

The answer on this is mostly - No - due to most developers careless
about parameterized queries and the overall value is questionable.
We can go through many different auditing scenarios from binary, source,
blackbox or tool instrumentation if needed.

Personally, I have found it doesn't matter if the prophet grew up in
your own town he will be ignored. The same idea should be applied to
needing to fly someone in from out of town when we have small numbers
amongst other things.

* Other questions - Who really is Tyler Ward ? Where is Waldo?

Future topics to discuss:
* Source Code Analysis - Input Tracing, demystifying source code
analysis. Date TBA
* Getting Developers geared on the basics. Date TBA
* Binary Analysis - How to start.  Date TBA
* Austin Duncan  will cover a topic of xss exploitation , demos etc at
the next meeting.

Please book yourself for the next OWASP meeting at the dedicated meetup
link shared kindly by Mikhail


-- 
Daniel U. Clemens

Direct: +1.202.747.0043 Ext 7001

Packet Ninjas | https://www.packetninjas.net



More information about the OWASP-Alabama mailing list