[Owasp-boston] OWASP Boston Feb. 1 meeting

Weiler, Jim Jim.Weiler at Staples.com
Fri Jan 27 11:03:19 EST 2006

Next meeting is 6:30 pm on Wed. Feb. 1.
This is our 1st anniversary, Happy Birthday to us.
Security Podcasts
I guess I'm geeky enough that I'd rather listen to security presentations
than the radio during my commute (at least now that the Brady and Belichick
call-in sessions are gone). I've found a bunch of security Podcasts, which
seem to be just MP3 files that you could play on any MP3 device. Some are
one-offs, some are free subscriptions. I'll let you know what I found.
Windows Metafile Vulnerability
This is a really sneaky and pervasive one; exploit code has been put into
the Metasploit toolkit, so anybody can make an attack. There seem to be many
ways a Windows metafile can be executed, some without your knowledge, it
seems. We'll discuss this.
Announcements, general Q+A.
7 pm
Presenter - Ron Ben Natan; Guardium CTO
Topic: Database Security: Protecting Identity Information at the Source

Databases contain security logging and auditing functions, but they may
seldom be used due to limited knowledge or lack of efficacy. Simultaneously,
security is a vital IT topic, and organizations are overwhelmed by
regulations like Sarbanes-Oxley (SOX) that increase database privacy and
auditing requirements, taxing the database and DBA.

This presentation covers the complexities of security and auditing projects
(e.g., in a SOX or PCI initiative), as well as vulnerabilities and attacks
that exist or have been used within various database environments. While
both SOX and PCI require auditing and encryption-level data protection,
these can be achieved without turning on additional database functionality
like logging or encryption, and without changing the applications that use
the database. By watching queries as they enter the database, alerts and
blocking actions can be initiated based on behavior rules instead of
signatures. This also reduces the need for upstream application-level
defenses that have to recognize obfuscated malicious queries (e.g., UNICODE-
or UTF-encoded SQL), because at this point the SQL must be ready to be
interpreted by the database.
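The monitoring approach the abstract describes, as an added example written for this announcement (it is not Guardium's product code or the presenter's material): queries are first decoded into the form the database engine will parse, and only then checked against behavior rules (which user normally touches which table, unfiltered reads of sensitive tables, per-user query volume) rather than attack signatures. The baseline, the sensitive-table list, the rate threshold, and the sample queries are all constructed assumptions.

```python
"""Database-side query monitoring with behavior rules (constructed example)."""
import re
import urllib.parse
from collections import Counter

# Constructed baseline: (db_user, table) pairs seen during normal operation.
BASELINE = {
    ("app_svc", "orders"),
    ("app_svc", "customers"),
    ("report_ro", "orders"),
}
SENSITIVE_TABLES = {"customers"}   # assumed: tables holding identity data
MAX_QUERIES_PER_USER = 3           # assumed per-window threshold for the demo

TABLE_RE = re.compile(r"\b(?:from|into|update|join)\s+([A-Za-z_][A-Za-z0-9_]*)", re.I)


def normalize_sql(raw):
    """Undo encoding layers so rules run on what the engine actually parses."""
    sql = urllib.parse.unquote(raw)                      # %27 -> '
    sql = re.sub(r"%u([0-9a-fA-F]{4})",                  # %u0027 -> '
                 lambda m: chr(int(m.group(1), 16)), sql)
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)      # drop inline comments
    return re.sub(r"\s+", " ", sql).strip()


def tables_in(sql):
    """Tables referenced by FROM/INTO/UPDATE/JOIN (simple, not a full parser)."""
    return {t.lower() for t in TABLE_RE.findall(sql)}


def evaluate(events):
    """events: iterable of (db_user, raw_sql). Returns [(user, rule, detail)]."""
    alerts = []
    per_user = Counter()
    for user, raw in events:
        sql = normalize_sql(raw)
        per_user[user] += 1
        is_select = sql.lower().startswith("select")
        has_filter = re.search(r"\bwhere\b", sql, re.I) is not None
        for table in tables_in(sql):
            # Rule 1: a (user, table) pair never seen in the baseline.
            if (user, table) not in BASELINE:
                alerts.append((user, "unexpected_table", table))
            # Rule 2: an unfiltered read of a sensitive table (bulk exposure).
            if table in SENSITIVE_TABLES and is_select and not has_filter:
                alerts.append((user, "unfiltered_sensitive_read", table))
        # Rule 3: per-user volume crosses the threshold (fires once).
        if per_user[user] == MAX_QUERIES_PER_USER + 1:
            alerts.append((user, "rate_exceeded", str(per_user[user])))
    return alerts


# Constructed sample traffic as it might arrive at the database listener.
SAMPLE_EVENTS = [
    ("app_svc", "SELECT id FROM orders WHERE customer_id = 42"),
    ("app_svc", "SELECT name FROM customers WHERE id = 42"),
    ("report_ro", "SELECT count(*) FROM orders"),
    ("report_ro", "SELECT%20*%20FROM%20customers"),       # URL-encoded whole-table read
    ("report_ro", "SELECT * FROM/**/hr_salaries"),         # comment-obfuscated, off-baseline
    ("report_ro", "SELECT 1"),                             # pushes the user over the rate limit
]

if __name__ == "__main__":
    for user, rule, detail in evaluate(SAMPLE_EVENTS):
        print(f"ALERT user={user} rule={rule} detail={detail}")
```

The point of `normalize_sql` is the one the abstract makes: an application-layer filter has to anticipate every encoding an attacker might use, whereas at the database boundary the query must already be in a form the engine can execute, so the rules can be written once against the decoded text.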
By the conclusion, you should better understand the ways in which you can
protect your databases from malicious or accidental misuse, ensure secure
database deployments, and support compliance requirements.

Pizza will be provided by Guardium.
Location: Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd.,
Sixth Floor, Waltham, MA
