[Owasp-bayarea] Next Meetup - Sept 7 San Francisco

Michael Coates michael.coates at owasp.org
Thu Aug 25 21:30:58 UTC 2016

Hope to see you there!
Sept 7 - San Francisco

RSVP required

Important - For building security you must supply your first and last name
as it appears on your ID or you won't be granted access to enter.


• 6:30 Doors Open
• 6:45 - 7:30 Talk 1
Ron Hamilton, Performance Technology Partners (PTP)

Malicious actors are probing your web applications every day looking for
vulnerabilities.  Are you performing similar tests yourself? This
presentation will introduce attendees to methods for testing applications
in regard to a number of vulnerabilities outside the basic OWASP Top 10.
The topics to be discussed will include, logic problems, harvesting, and
other examples beyond the OWASP Top 10

• 7:45 - 8:30 Talk 2
Luca Carettoni, LinkedIn Defending against Java Deserialization

Java deserialization vulnerabilities have recently gained popularity due to
a renewed interest from the security community. Despite being publicly
discussed for several years, a significant number of Java based products
are still affected. Whenever untrusted data is used within deserialization
methods, an attacker can abuse this simple design anti-pattern to
compromise your application. After a quick introduction of the problem,
this talk will focus on discovering and defending against deserialization
vulnerabilities. I will present a collection of techniques for mitigating
attacks when turning off object serialization is not an option, and we will
discuss practical recommendations that developers can use to help prevent
these attacks.

• 8:30+ Networking
• 9 Doors Close

Pizza and drinks will be served.

Michael Coates | @_mwc <https://twitter.com/intent/user?screen_name=_mwc>
OWASP Global Board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bayarea/attachments/20160825/9fccd9f1/attachment.html>

More information about the Owasp-bayarea mailing list