[Owasp-boston] OWASP Boston June 2 Mtg - Microsoft Waltham

Weiler, Jim Jim.Weiler at starwoodhotels.com
Mon May 24 12:00:20 EDT 2010



Date - Wed. June 2


Time - 6:30 p.m.


Rob Cheyne Lightning Talk - topic to be announced


Main Presentation - Ryan Barnett

The Web Hacking Incident Database (WHID) is a Web Application Security Consortium project dedicated to maintaining a list of web application-related security incidents. The database classifies each reported attack by, among other criteria, the attack method used, the application weakness exploited, the outcome of the attack, and the industry and country of the attacked organization. Based on the database, Breach Security Labs, which sponsors WHID, recently issued a periodical report on trends in Web Application Security.

By providing answers to questions such as:

- The drivers behind Web hacking.
- The application weaknesses that are actively exploited.
- The technology hackers use.
- The types of organizations attacked most often.
- The common outcomes.

The presentation will discuss WHID statistics, focusing on trends in Web Attacks in the 1st quarter of 2010. The presentation will provide an overview of the top items, as well as an in-depth review of Incidents of Interest.


Ryan C. Barnett is the director of application security research at Breach Security where he leads Breach Security Labs. He is a SANS Institute certified instructor and a member of both the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors teams. In addition to working with SANS, he is also a WASC Member where he leads the Web Hacking Incidents Database (WHID) and Distributed Open Proxy Honeypots Projects and is also the OWASP ModSecurity Core Rule Set (CRS) project leader. Mr. Barnett has also authored a Web security book for Addison/Wesley Publishing entitled Preventing Web Attacks with Apache.


Location and Directions - 


Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd., Sixth Floor, Waltham, MA


From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt. 20. From Rt. 128 South take exit 26 but go around the rotary to get to 20 East to Waltham. Follow signs for Rt. 117 (left at the second light). When you get to 117 turn left (West). You will cross back over Rt. 128. Jones Rd. (look for the Waltham Weston Corporate Center sign) is the second left, at a blinking yellow light, on Rt. 117 going west about 0.1 miles from Rt. 128 (I95). The office building is at the bottom of Jones Rd. Best parking is to turn right just before the building and park in the back. Knock on the door to get the security guard to open it. The room is MPR C.


Jim Weiler   CISSP  CSSLP

Starwood Hotels and Resorts

Sr. Mgr. Information Security Risk Assessment

Office - 781 356 0067

Cell - 781 654 6048
