[Owasp-austin] Austin OWASP Chapter: October 2006 Meeting

Foster, Scott sfoster at austinnetworking.com
Tue Oct 17 01:11:04 EDT 2006

The Open Web Application Security Project (OWASP) is an open community
dedicated to enabling organizations to develop, purchase, and maintain
applications that can be trusted. We advocate approaching application
security as a people, process, and technology problem because the most
effective approaches to application security includes improvements in
all of these areas.
Each month during our chapter meeting, a subject matter expert will
present and discuss one of the OWASP top 10
<http://www.owasp.org/index.php/OWASP_Top_Ten>  topics. OWASP chapter
meetings are free and open to anyone interested in application security.

Austin OWASP Chapter <http://www.owasp.org/index.php/Austin> : October
2006 Meeting

When:              Tuesday October 31st 2006   (10/31/2006)  
Topic:              Web Application Threat Modeling:  
                       How to Understand How Attackers will Attempt to
Exploit your App
Presenter:        Cap Diebel from Denim Group 
When:             12:00 -1:00 
Food:               Cookies and drinks will be provided 
Where:            Whole Foods Market 
                       (downtown, plaza level, sign in with
                       550 Bowie Street
                       Austin, TX 78703-4677
                       Link to Map <http://tinylink.com/?chLCAmvxKA>  

Directions:         If you live in Austin and you don't know where the
Downtown Whole Foods is you need to get out more. 

  Sponsored by:     

Topic: Web Application Threat Modeling:  How to Understand How Attackers
will Attempt to Exploit your App
Presenter: Cap Diebel and John Dickson of Denim Group, Ltd. 

The term "threat modeling" has become quite popular recently. Microsoft
has published a book about their process and includes threat modeling as
a key activity in their Secure Development Lifecycle (SDL).
A threat model is essentially a structured representation of all the
information that affects the security of an application. In essence, it
is a view of the application and its environment through security
Threat modeling is a process for capturing, organizing, and analyzing
all of this information. Threat modeling enables informed
decision-making about application security risk. In addition to
producing a model, typical threat modeling efforts also produce a
prioritized list of security improvements to the concept, requirements,
design, or implementation. 

Denim Group will present an overview on the process of making web
applications more secure by identifying attack vectors and designing to
defeat those attacks.  They will provide an overview of threat modeling,
provide examples of how it is relevant to the development process, and
will introduce you to tools and approaches that will enable you to
successfully implement threat modeling techniques within your

Presenter Bio:
Cap Diebel is a developer and security consultant for Denim Group and
has extensive experience identifying vulnerabilities in web
applications.  John Dickson is a CISSP and is a Principal at Denim Group
and works with clients to quantify the business risk associated that web
applications represent.
For the most current information on meetings, times and locations for
the Austin chapter see Local News
<http://www.owasp.org/index.php?title=Austin&oldid=8894> .

For more information, please call:
Scott Foster
o512-637-9824 c512-590-0185
Email:sfoster at austinnetworking.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-austin/attachments/20061017/c1db907f/attachment-0003.html 

More information about the Owasp-austin mailing list