[Owasp-austin] OWASP Austin Meeting Date Correction - Web Application Security in the Airline Industry

James Wickett wickett at gmail.com
Tue Feb 3 23:38:13 EST 2009


It was noted by our very astute Josh Sokol that I booked the wrong time for
the meeting later in the month.  And I did it wrong on the wiki as well, so
at least I am consistent...  The OWASP Live CD release party is still at the
same time as listed.

The correct time and date is

February 24, 2009, 11:30am - 1:00pm



*When:* February 24, 2009, 11:30am - 1:00pm

*Topic: * Web Application Security in the Airline Industry: Stealing the
Airlines' Online Data

In this session, attendees will learn about the types of airline data that
is at risk of being stolen by online data thieves. In addition, the
following topics will be further explored:

1. Important attack scenarios and Web-based vulnerabilities accompanied by
examples of how these attacks can be mitigated by deploying comprehensive
defense solutions;

2. Protection strategies and tools, such as Web application scanners and Web
application firewalls, which help equalize the gap between the advanced Web
hacker and the security professional; and

3. Compliance and Software development life cycle approaches.

Following the September 11 attacks, the airline industry recognized its need
to 'webify' online ticket reservation systems, crew scheduling, and
passenger profiles in order to enhance operational efficiency. This
ultimately served to decrease the airlines' operating costs, thereby
increasing their operating profits. However, the following questions remain:
At what costs? What are the information systems and customer data security
risks associated with the airline 'webification' process?

Please join in this presentation, which will outline some of the challenges
that members of the airlines industry may face when attempting to protect
their online services. Additionally, attendees will discover methodologies
that airlines may utilize to identify, assess, and protect against the
various risks associated with Web-based application attacks.

*Who:* Quincy Jackson

Quincy Jackson, a CISSP and Certified Ethical Hacker, has more than 15 years
of experience in the Information Technology ("IT") profession, which include
8 years in Information Security. In addition, Quincy has 15 years in the
aviation industry. His career in the aviation industry began in the United
States Army as an Avionics System Specialist. Quincy began to explore his
passion for IT Security as Sr. Manager - Information Security for
Continental Airlines. Over his 8-year tenure at Continental Airlines, Quincy
was instrumental in the development of the Company's first Information
Security Program. Quincy currently serves as the IT Security Manager for
Universal Weather and Aviation, Inc. ("UWA"). UWA provides business aviation
operators various aviation support services, including flight coordination,
ground handling, fuel arrangement and coordination, online services, and
weather briefings. Quincy enjoys both learning about and sharing his
knowledge of Web application security with others, including ISSA and OWASP
members.

*Where:* National Instruments, 11500 N Mopac, Building C which is the
tallest building on campus (8 levels). There will be signs posted in the
lobby to direct you where to go and the receptionists will be able to assist
you as well. See directions to National
Instruments<http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1>.


*Cost:* Always Free

*Questions or help with Directions...* call: Scott Foster 512-637-9824.



J. H. Wickett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-austin/attachments/20090203/fa0d5b7e/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/calendar
Size: 5187 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-austin/attachments/20090203/fa0d5b7e/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: invite20090224T113000.ics
Type: application/ics
Size: 5268 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-austin/attachments/20090203/fa0d5b7e/attachment-0001.bin 


More information about the Owasp-austin mailing list