[Owasp-boston] OWASP Boston - June 6 Mtg

Weiler, Jim Jim.Weiler at Staples.com
Wed May 23 13:47:30 EDT 2007


*******************************
Next meeting is 6:30 pm on Wed. June 6  
 
ToolTalk: Jim Weiler
WebGoat and Cross-site Request Forgeries
 
In keeping with our theme of 'experience, not just technology', Danny Allan
will be talking about exploits they've seen and software changes they've
seen that make a difference.
 
Main Speaker: 
Danny Allan; Director, Security Research, Watchfire

Topic: 
Exploitation of the OWASP Top 10: Attacks and Strategies
 
We often talk about the vulnerabilities that make up the OWASP Top 10, but
sometimes we lack the awareness of how the true exploitations actually take
place.  A vulnerability is a very different thing from an exploit.  This
presentation will demonstrate some of the more advanced exploitation
techniques we are seeing around the OWASP Top 10 and how the Web 2.0 world
has opened a world of opportunity.  We will also discuss some of the small
changes an organization can do to be more effective in securing online
software.  It's easy to talk about secure software, but it's often hard to
know where to start.  What are the simple steps we have witnessed that have
made the largest difference?
 
Pizza will be provided by Watchfire
 

Location:
Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd.,
Sixth Floor, Waltham, MA
 
Directions:
From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt. 20.
From Rt 128 South take exit 26 but go around the rotary to get to 20 East to
Waltham. Follow signs for Rt. 117 (left at the second light). When you get
to 117 turn left (West). You will cross back over Rt. 128.
Jones Rd. (look for the Waltham Weston Corporate Center sign) is the second
left, at a blinking yellow light, on Rt. 117 going west about 0.1 miles from
Rt. 128 (I95). The office building is at the bottom of Jones Rd. You can
park in the rear parking lot by turning right just before the building. Go
in the rear entrance; you might have to knock on the door to get the guard
to let you in.
The room is MPR C. 
 
More information at http://www.owasp.org/index.php/Boston
**********************************
CISSPs - Each meeting counts for 2 CPEs. You can decide on whether it would
be type A or B and the domain.
Meeting attendance verification forms available at each meeting from Jim.
 
*******************************
O'Reilly Books Group Discount
Get 30% off a single book or 35% off two or more books from O'Reilly, No
Starch, Paraglyph, PC Publishing, Pragmatic Bookshelf, SitePoint, or
Syngress books you purchase directly from O'Reilly. Just use code DSUG when
ordering online or by phone 800-998-9938. Free ground shipping on orders
$29.95 or more in the US. 

 
Jim Weiler CISSP
Staples North American Delivery
Application Security Architect
508 2533884
 