[Owasp-boston] OWASP Boston April 4 meeting

Weiler, Jim Jim.Weiler at Staples.com
Wed Mar 21 17:23:23 EDT 2007


*******************************
Next meeting is 6:30 pm on Wed. April 4  
 
I'm trying to have the meetings provide more unique information than
technology presentations whose information is often available elsewhere.
I've been trying to get speakers that can tell about experiences they've
had, things that worked and didn't work, good if not best practices, for
real world situations.  Mark was an OWASP Boston presenter before, and his
talk at RSA pointed out some things I never heard of. He's had lots of
experience with web services security and we'll get the benefit of some of
that at the meeting. I think it's worth listening to anyone who describes
the security company they work for as "a" leading .....vendor, not "the"
leading ... vendor. After that you gotta believe everything else he says is
true. 
 
I'm still going to try to do a tool talk but I wanted to get this notice
out. 
 
Speaker: Mark O'Neill, Chief Technical Officer at Vordel 
Topic: Case Notes from a Vulnerability Assessment performed on a financial
services Web Services application  

This presentation describes a real-life vulnerability assessment that was
conducted on the Web Services applications of a financial services
corporation. The vulnerabilities which were discovered are explained, and
countermeasures are proposed. Testing strategies are described. The Vordel
SOAPbox tool was used as a launch-pad for the attacks used in this
vulnerability assessment. All customer information has been anonymized. 

Mark O'Neill is Chief Technical Officer at Vordel, a leading Web Services
Security vendor. Mark is the author of the book "Web Services Security",
published by McGraw-Hill/Osborne Media. A frequent conference speaker on Web
Services Security, Mark also provides training on secure Web Services to
governments (including US Government agencies), insurance companies, and
telecoms companies worldwide. 

 
Pizza will be provided by - -TBD
 
Location:
Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd.,
Sixth Floor Waltham, MA
 
Directions:
>From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt. 20.
>From Rt 128 South take exit 26 but go around the rotary to get to 20 East to
Waltham. Follow signs for Rt. 117 (left at the second light). When you get
to 117 turn left (West). You will cross back over Rt. 128.
Jones Rd. (look for the Waltham Weston Corporate Center sign) is the second
left, at a blinking yellow light, on Rt. 117 going west about 0.1 miles from
Rt. 128 (I95). The office building is at the bottom of Jones Rd. You can
park in the rear parking lot by turning right just before the building. Go
in the rear entrance, you might have to knock on the door to get the guard
to let you in.
The room is MPR C. 
 
More information at http://www.owasp.org/index.php/Boston
<http://www.owasp.org/index.php/Boston> 
**********************************
CISSPs - Each meeting counts for 2 CPEs. You can decide on whether it would
be type A or B and the domain.
Meeting attendance verification forms available at each meeting from Jim.
 
*******************************
O'Reilly Books Group Discount
Get 30% off a single book or 35% off two or more books from O'Reilly, No
Starch, Paraglyph, PC Publishing, Pragmatic Bookshelf, SitePoint, or
Syngress books you purchase directly from O'Reilly. Just use code DSUG when
ordering online or by phone 800-998-9938. Free ground shipping on orders
$29.95 or more in the US. 

 
Jim Weiler CISSP
Staples North American Delivery
Application Security Architect
508 2533884
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-boston/attachments/20070321/532c492d/attachment.html 


More information about the Owasp-boston mailing list