[OWASP-Bangalore] REMINDER | OWASP Meet Tomorrow 18th Jan 2014

Akash akashmahajan at gmail.com
Fri Jan 17 04:32:28 UTC 2014

Hi Folks,

The next meet is on 18th of Jan.

Members of the list can see the updated content on the OWASP Bangalore Wiki
page as well.


Please follow @owaspbangalore on twitter for event and other updates as

Thank you.


The schedule for this month's meet is as outlined below:

09:30 - 10:10:  Web Application Security for Beginners: DOM Based XSS -
Jayesh Singh
This is a multipart series on Web Application Security. This session will
cover part 2 of the DOM based XSS subsection, the identification and
concepts behind it. The session will also cover filter bypasses and
different XSS payloads in that context.

10:10 - 10:20:  Introductions

10:20 - 10:50: Automated Source code review using Fortify - Rupam
This talk+demo will cover the automated source code review tool called
Fortify. The demo will show how to configure Fortify, select rules
based on pre-determined conditions and scan the code for different

10:50 - 11:20:  Struts Validation Framework: Part 2 - Satish
This session is the second part of the talk on Validation frameworks. These
frameworks are used to secure information from entering business model in
an MVC architecture. “Struts Validation framework” is a set of predefined
plugin codes which have proven best practices in Data validation. We will
take a look at the working of the framework and understand how malicious
data is treated.

11:20 - 11:40:  Networking and Break

11:40 - 12:20:  Security Onion  - Nishanth Kumar
"Security Onion" is a full Linux distribution with packet capture,
network-based and host-based intrusion detection
systems (NIDS and HIDS, respectively) and other powerful analysis tools.
The talk will cover the following aspects of this OS:
1. Introduction of Security Onion
2. Tools included in the OS and usage of these tools for exploitation.
3. How to do Analysis of Packets using tools

12:20 - 12:50: Web Application Security: The pitfalls and the brickwalls, a
developer perspective - Vamsi Krishna
This is a multi-part series on common developer mistakes that result in
major security vulnerabilities. This month we will see how unsanitized data
causes SQL injection due to poor programming practices. We will also take a
look at Insecure Direct Object references where a developer does not
anticipate a permission model for objects resulting in unauthorized access
to data.

12:50 - 13:10:  Feedback and Topic discussion for next month meet


ThoughtWorks, Ground Floor, ACR Mansion,
147/f, 8th Main Road, 3rd Block, Koramangala,
Bangalore - 560034
Google Maps: http://goo.gl/bokSL

Landmark : Next to Satya's Bar and Mercure Hotel
+ If you are coming from Inner Ring road get on to Ooty
Chocolates road and after a small crossroad this will be on the right
hand side.
+ If you are coming from the Raheja Residency road then take a left
turn at the small crossroad and this will be on your right hand side.
+ If you are coming from Koramangala BDA complex take a right turn at
the small crossroad and this will be on your right hand side.

Warm regards,
Akash Mahajan

*That Web Application Security Guy* | +91 99 805 271 82
akashm.com | *@makash* on twitter | linkd.in/webappsecguy
*OWASP Bangalore Chapter Lead | null Community Manager*