[Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue 5

Sinhasan, Alok Alok_Sinhasan at CINFIN.com
Mon Feb 18 14:10:32 EST 2008


I and my friend Don Pierce will attend.

Thanks
Alok

-----Original Message-----
From: owasp-cincinnati-bounces at lists.owasp.org
[mailto:owasp-cincinnati-bounces at lists.owasp.org] On Behalf Of
owasp-cincinnati-request at lists.owasp.org
Sent: Monday, February 18, 2008 1:50 PM
To: owasp-cincinnati at lists.owasp.org
Subject: Owasp-cincinnati Digest, Vol 4, Issue 5

Send Owasp-cincinnati mailing list submissions to
	owasp-cincinnati at lists.owasp.org

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
or, via email, send a message with subject or body 'help' to
	owasp-cincinnati-request at lists.owasp.org

You can reach the person managing the list at
	owasp-cincinnati-owner at lists.owasp.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Owasp-cincinnati digest..."


Today's Topics:

   1. Next OWASP meeting February 26th, Please RSVP (Marco M. Morana)


----------------------------------------------------------------------

Message: 1
Date: Mon, 18 Feb 2008 13:24:21 -0500
From: "Marco M. Morana" <marco.morana at owasp.org>
Subject: [Owasp-cincinnati] Next OWASP meeting February 26th, Please
	RSVP
To: <owasp-cincinnati at lists.owasp.org>, <johns128 at muohio.edu>,
	<hasanr at cintas.com>, <huyicd8 at yahoo.com>
Message-ID:
	<mailman.3045.1203360598.26023.owasp-cincinnati at lists.owasp.org>
Content-Type: text/plain; charset="us-ascii"

Fellow OWASP Cincinnati chapter meeting attendees

 

We currently have 32 members subscribing the OWASP Cincinnati chapter
mailing list (herein included) so I am looking for a good participation
to
the next meeting next Tuesday, February 26th, 2008, 6.45pm - 7:45pm at
Citigroup in Blue Ask.

 

Please provide your RSVP to me by replying to this email. Also if you
have
not subscribed the OWASP Cincinnati mailing list, please do so.

The meeting session topic is: OWASP Top Ten Vulnerabilities and Software
Root Causes: Solving The Software Security Problem From an Information
Security Perspective. 

Presenter: Marco Morana (Citigroup, TISO, OWASP Chapter Leader, Security
Blogger). Abstract of the presentation: Before to diagnose the disease
and
provide the cure a doctor looks at the root causes of the sickness, the
risk
factors and the symptoms. In case of application security the majority
of
the root causes of the security issues are in-secure software, the risk
factors can be found in how bad the application is designed, the
software is
coded and the application is tested and the symptoms in how the
application
vulnerabilities are exposed. The presentation will articulate the
problem of
secure software, the costs, the software security risks and how these
are
typically dealt with by most organizations. Solving the problem of
software
security requires people, process and tools. From the information
security
perspective we will look at ways to enforcing software security by
looking
at risks that threat agents (attacks) can exploit vulnerabilities due to
insecure software and the resulting impact on company assets.
Implementing a
set of software security requirements is the best place to start to
address
the root causes of web application vulnerabilities. With a
categorization of
web application vulnerabilities as weakness in application security
controls, it is easier to describe the root cases as coding errors. A
good
place to start documenting software security requirements is the OWASP
Top
Ten, for each of these vulnerabilities we will discuss the threat, the
risk
factors, the software root causes of the vulnerability, how to find if
you
are vulnerable and if you are which countermeasures need to be
implemented.

Presentation start 7.00 pm

Consult the OWASP chapter web page for more details. The presentation
will
be uploaded on the site.

 <http://www.owasp.org/index.php/Cincinnati>
http://www.owasp.org/index.php/Cincinnati

 

Hope to see you there.

 

Regards

 

Marco Morana

OWASP Cincinnati Chapter Leader

 <http://www.owasp.org/index.php/Cincinnati>
http://www.owasp.org/index.php/Cincinnati

 <http://securesoftware.blogspot.com> http://securesoftware.blogspot.com

 

 

Marco Morana

OWASP Cincinnati Chapter Leader

http://www.owasp.org/index.php/Cincinnati

http://securesoftware.blogspot.com

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
dd3737da/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP_ParticipantList_2_18_08.xls
Type: application/vnd.ms-excel
Size: 21504 bytes
Desc: not available
Url :
https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
dd3737da/attachment.xls 

------------------------------

_______________________________________________
Owasp-cincinnati mailing list
Owasp-cincinnati at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-cincinnati


End of Owasp-cincinnati Digest, Vol 4, Issue 5
**********************************************


More information about the Owasp-cincinnati mailing list