[Owasp-bayarea] OWASP Meetup and Holiday Reception on Thursday, Dec 11
brian at appsecconsulting.com
Thu Dec 4 02:24:46 EST 2008
Please join local IT Professionals for OWASP Meet up and Holiday Reception
Thursday, December 11, 2008
6:00 - 9:00pm
Network Meeting Center
5201 Great America Parkway
Santa Clara, CA 95054
Schedule of Events:
6:00 - 6:45pm Meet up and Reception (Food, Beer, Wine, Soft drinks)
6:45 - 6:50pm Kickoff
6:50 - 7:40pm Protecting Website Users from Each Other - Brian Shura
7:40 - 8:30pm Recent Trends / Making Money the Black Hat Way - Trey Ford
8:30 - 9:00pm Networking
Protecting Website Users from Each Other
Brian Shura, Sr. Consultant, AppSec Consulting
Most often the login page or "front door" of a website is built securely and
is difficult for an attacker to break through. However, web developers
often leave serious holes in web applications after the login, which can
allow one malicious user to access another user's personal information.
This presentation will cover several vulnerabilities frequently found in the
"logged-in" portion of web applications, how to detect these issues, and how
to ensure your applications don't have these security problems.
Brian Shura is a senior application security consultant at AppSec
Consulting. He has conducted numerous web application security assessments,
using a combination of manual and automated techniques, and has created
world-class security training for developers and QA analysts. Brian is also
the Project Leader for the Web Application Security Consortium's "Web
Application Security Scanner Evaluation Criteria" project. Prior to his
role in application security, Brian spent five years working as a developer
on large Internet-facing websites. When not working on web application
security initiatives, Brian enjoys fishing and hiking the Appalachian Trail.
Recent Trends in Web Application Security / Making Money the Black Hat Way
Trey Ford, WhiteHat Security
To be posted shortly
This event is free to attend and open to the public.
Event Sponsors include: AppSec Consulting, Cenzic and Imperva
Please RSVP via email to events at appsecconsulting.com
AppSec Consulting, Inc.
email: brian at appsecconsulting.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-bayarea