[Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue 6

tiffany003 at fuse.net tiffany003 at fuse.net
Fri Feb 22 14:24:14 EST 2008


My name is Tiffany Braun and I plan on attending.

Thank you!

---- owasp-cincinnati-request at lists.owasp.org wrote: 
> Send Owasp-cincinnati mailing list submissions to
> 	owasp-cincinnati at lists.owasp.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> or, via email, send a message with subject or body 'help' to
> 	owasp-cincinnati-request at lists.owasp.org
> 
> You can reach the person managing the list at
> 	owasp-cincinnati-owner at lists.owasp.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Owasp-cincinnati digest..."
> 
> 
> Today's Topics:
> 
>    1. Re: Owasp-cincinnati Digest, Vol 4, Issue 5 (Sinhasan, Alok)
>    2. Re: Owasp-cincinnati Digest, Vol 4, Issue 5 (Marco M. Morana)
>    3. Re: Owasp-cincinnati Digest, Vol 4, Issue 5
>       (Brian.Maus at kroger.com)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Mon, 18 Feb 2008 14:10:32 -0500
> From: "Sinhasan, Alok" <Alok_Sinhasan at CINFIN.com>
> Subject: Re: [Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue
> 	5
> To: <owasp-cincinnati at lists.owasp.org>
> Message-ID:
> 	<594CD456E9B52844B448AA77AD1D8E4903AE94D4 at exchq2.cinfin.com>
> Content-Type: text/plain;	charset="US-ASCII"
> 
> I and my friend Don Pierce will attend.
> 
> Thanks
> Alok
> 
> -----Original Message-----
> From: owasp-cincinnati-bounces at lists.owasp.org
> [mailto:owasp-cincinnati-bounces at lists.owasp.org] On Behalf Of
> owasp-cincinnati-request at lists.owasp.org
> Sent: Monday, February 18, 2008 1:50 PM
> To: owasp-cincinnati at lists.owasp.org
> Subject: Owasp-cincinnati Digest, Vol 4, Issue 5
> 
> Send Owasp-cincinnati mailing list submissions to
> 	owasp-cincinnati at lists.owasp.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> or, via email, send a message with subject or body 'help' to
> 	owasp-cincinnati-request at lists.owasp.org
> 
> You can reach the person managing the list at
> 	owasp-cincinnati-owner at lists.owasp.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Owasp-cincinnati digest..."
> 
> 
> Today's Topics:
> 
>    1. Next OWASP meeting February 26th, Please RSVP (Marco M. Morana)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Mon, 18 Feb 2008 13:24:21 -0500
> From: "Marco M. Morana" <marco.morana at owasp.org>
> Subject: [Owasp-cincinnati] Next OWASP meeting February 26th, Please
> 	RSVP
> To: <owasp-cincinnati at lists.owasp.org>, <johns128 at muohio.edu>,
> 	<hasanr at cintas.com>, <huyicd8 at yahoo.com>
> Message-ID:
> 	<mailman.3045.1203360598.26023.owasp-cincinnati at lists.owasp.org>
> Content-Type: text/plain; charset="us-ascii"
> 
> Fellow OWASP Cincinnati chapter meeting attendees
> 
>  
> 
> We currently have 32 members subscribing the OWASP Cincinnati chapter
> mailing list (herein included) so I am looking for a good participation
> to
> the next meeting next Tuesday, February 26th, 2008, 6.45pm - 7:45pm at
> Citigroup in Blue Ask.
> 
>  
> 
> Please provide your RSVP to me by replying to this email. Also if you
> have
> not subscribed the OWASP Cincinnati mailing list, please do so.
> 
> The meeting session topic is: OWASP Top Ten Vulnerabilities and Software
> Root Causes: Solving The Software Security Problem From an Information
> Security Perspective. 
> 
> Presenter: Marco Morana (Citigroup, TISO, OWASP Chapter Leader, Security
> Blogger). Abstract of the presentation: Before to diagnose the disease
> and
> provide the cure a doctor looks at the root causes of the sickness, the
> risk
> factors and the symptoms. In case of application security the majority
> of
> the root causes of the security issues are in-secure software, the risk
> factors can be found in how bad the application is designed, the
> software is
> coded and the application is tested and the symptoms in how the
> application
> vulnerabilities are exposed. The presentation will articulate the
> problem of
> secure software, the costs, the software security risks and how these
> are
> typically dealt with by most organizations. Solving the problem of
> software
> security requires people, process and tools. From the information
> security
> perspective we will look at ways to enforcing software security by
> looking
> at risks that threat agents (attacks) can exploit vulnerabilities due to
> insecure software and the resulting impact on company assets.
> Implementing a
> set of software security requirements is the best place to start to
> address
> the root causes of web application vulnerabilities. With a
> categorization of
> web application vulnerabilities as weakness in application security
> controls, it is easier to describe the root cases as coding errors. A
> good
> place to start documenting software security requirements is the OWASP
> Top
> Ten, for each of these vulnerabilities we will discuss the threat, the
> risk
> factors, the software root causes of the vulnerability, how to find if
> you
> are vulnerable and if you are which countermeasures need to be
> implemented.
> 
> Presentation start 7.00 pm
> 
> Consult the OWASP chapter web page for more details. The presentation
> will
> be uploaded on the site.
> 
>  <http://www.owasp.org/index.php/Cincinnati>
> http://www.owasp.org/index.php/Cincinnati
> 
>  
> 
> Hope to see you there.
> 
>  
> 
> Regards
> 
>  
> 
> Marco Morana
> 
> OWASP Cincinnati Chapter Leader
> 
>  <http://www.owasp.org/index.php/Cincinnati>
> http://www.owasp.org/index.php/Cincinnati
> 
>  <http://securesoftware.blogspot.com> http://securesoftware.blogspot.com
> 
>  
> 
>  
> 
> Marco Morana
> 
> OWASP Cincinnati Chapter Leader
> 
> http://www.owasp.org/index.php/Cincinnati
> 
> http://securesoftware.blogspot.com
> 
>  
> 
>  
> 
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
> dd3737da/attachment.html 
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: OWASP_ParticipantList_2_18_08.xls
> Type: application/vnd.ms-excel
> Size: 21504 bytes
> Desc: not available
> Url :
> https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
> dd3737da/attachment.xls 
> 
> ------------------------------
> 
> _______________________________________________
> Owasp-cincinnati mailing list
> Owasp-cincinnati at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> 
> 
> End of Owasp-cincinnati Digest, Vol 4, Issue 5
> **********************************************
> 
> 
> ------------------------------
> 
> Message: 2
> Date: Mon, 18 Feb 2008 15:23:27 -0500
> From: "Marco M. Morana" <marco.m.morana at gmail.com>
> Subject: Re: [Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue
> 	5
> To: "'Sinhasan, Alok'" <Alok_Sinhasan at CINFIN.com>,
> 	<owasp-cincinnati at lists.owasp.org>
> Message-ID: <47b9e940.31a0260a.3c9d.ffff85c7 at mx.google.com>
> Content-Type: text/plain;	charset="us-ascii"
> 
> Ok thanks Alok
> 
> -----Original Message-----
> From: owasp-cincinnati-bounces at lists.owasp.org
> [mailto:owasp-cincinnati-bounces at lists.owasp.org] On Behalf Of Sinhasan,
> Alok
> Sent: Monday, February 18, 2008 2:11 PM
> To: owasp-cincinnati at lists.owasp.org
> Subject: Re: [Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue 5
> 
> I and my friend Don Pierce will attend.
> 
> Thanks
> Alok
> 
> -----Original Message-----
> From: owasp-cincinnati-bounces at lists.owasp.org
> [mailto:owasp-cincinnati-bounces at lists.owasp.org] On Behalf Of
> owasp-cincinnati-request at lists.owasp.org
> Sent: Monday, February 18, 2008 1:50 PM
> To: owasp-cincinnati at lists.owasp.org
> Subject: Owasp-cincinnati Digest, Vol 4, Issue 5
> 
> Send Owasp-cincinnati mailing list submissions to
> 	owasp-cincinnati at lists.owasp.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> or, via email, send a message with subject or body 'help' to
> 	owasp-cincinnati-request at lists.owasp.org
> 
> You can reach the person managing the list at
> 	owasp-cincinnati-owner at lists.owasp.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Owasp-cincinnati digest..."
> 
> 
> Today's Topics:
> 
>    1. Next OWASP meeting February 26th, Please RSVP (Marco M. Morana)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Mon, 18 Feb 2008 13:24:21 -0500
> From: "Marco M. Morana" <marco.morana at owasp.org>
> Subject: [Owasp-cincinnati] Next OWASP meeting February 26th, Please
> 	RSVP
> To: <owasp-cincinnati at lists.owasp.org>, <johns128 at muohio.edu>,
> 	<hasanr at cintas.com>, <huyicd8 at yahoo.com>
> Message-ID:
> 	<mailman.3045.1203360598.26023.owasp-cincinnati at lists.owasp.org>
> Content-Type: text/plain; charset="us-ascii"
> 
> Fellow OWASP Cincinnati chapter meeting attendees
> 
>  
> 
> We currently have 32 members subscribing the OWASP Cincinnati chapter
> mailing list (herein included) so I am looking for a good participation
> to
> the next meeting next Tuesday, February 26th, 2008, 6.45pm - 7:45pm at
> Citigroup in Blue Ask.
> 
>  
> 
> Please provide your RSVP to me by replying to this email. Also if you
> have
> not subscribed the OWASP Cincinnati mailing list, please do so.
> 
> The meeting session topic is: OWASP Top Ten Vulnerabilities and Software
> Root Causes: Solving The Software Security Problem From an Information
> Security Perspective. 
> 
> Presenter: Marco Morana (Citigroup, TISO, OWASP Chapter Leader, Security
> Blogger). Abstract of the presentation: Before to diagnose the disease
> and
> provide the cure a doctor looks at the root causes of the sickness, the
> risk
> factors and the symptoms. In case of application security the majority
> of
> the root causes of the security issues are in-secure software, the risk
> factors can be found in how bad the application is designed, the
> software is
> coded and the application is tested and the symptoms in how the
> application
> vulnerabilities are exposed. The presentation will articulate the
> problem of
> secure software, the costs, the software security risks and how these
> are
> typically dealt with by most organizations. Solving the problem of
> software
> security requires people, process and tools. From the information
> security
> perspective we will look at ways to enforcing software security by
> looking
> at risks that threat agents (attacks) can exploit vulnerabilities due to
> insecure software and the resulting impact on company assets.
> Implementing a
> set of software security requirements is the best place to start to
> address
> the root causes of web application vulnerabilities. With a
> categorization of
> web application vulnerabilities as weakness in application security
> controls, it is easier to describe the root cases as coding errors. A
> good
> place to start documenting software security requirements is the OWASP
> Top
> Ten, for each of these vulnerabilities we will discuss the threat, the
> risk
> factors, the software root causes of the vulnerability, how to find if
> you
> are vulnerable and if you are which countermeasures need to be
> implemented.
> 
> Presentation start 7.00 pm
> 
> Consult the OWASP chapter web page for more details. The presentation
> will
> be uploaded on the site.
> 
>  <http://www.owasp.org/index.php/Cincinnati>
> http://www.owasp.org/index.php/Cincinnati
> 
>  
> 
> Hope to see you there.
> 
>  
> 
> Regards
> 
>  
> 
> Marco Morana
> 
> OWASP Cincinnati Chapter Leader
> 
>  <http://www.owasp.org/index.php/Cincinnati>
> http://www.owasp.org/index.php/Cincinnati
> 
>  <http://securesoftware.blogspot.com> http://securesoftware.blogspot.com
> 
>  
> 
>  
> 
> Marco Morana
> 
> OWASP Cincinnati Chapter Leader
> 
> http://www.owasp.org/index.php/Cincinnati
> 
> http://securesoftware.blogspot.com
> 
>  
> 
>  
> 
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
> dd3737da/attachment.html 
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: OWASP_ParticipantList_2_18_08.xls
> Type: application/vnd.ms-excel
> Size: 21504 bytes
> Desc: not available
> Url :
> https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20080218/
> dd3737da/attachment.xls 
> 
> ------------------------------
> 
> _______________________________________________
> Owasp-cincinnati mailing list
> Owasp-cincinnati at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> 
> 
> End of Owasp-cincinnati Digest, Vol 4, Issue 5
> **********************************************
> _______________________________________________
> Owasp-cincinnati mailing list
> Owasp-cincinnati at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> 
> 
> 
> ------------------------------
> 
> Message: 3
> Date: Tue, 19 Feb 2008 09:50:32 -0500
> From: Brian.Maus at kroger.com
> Subject: Re: [Owasp-cincinnati] Owasp-cincinnati Digest, Vol 4, Issue
> 	5
> To: owasp-cincinnati at lists.owasp.org
> Cc: owasp-cincinnati at lists.owasp.org,
> 	owasp-cincinnati-bounces at lists.owasp.org
> Message-ID:
> 	<OFE8B4DE58.D6309E14-ON852573F4.005183BA-852573F4.005187E0 at kroger.com>
> Content-Type: text/plain; charset=US-ASCII
> 
> Brian Maus will be attending....
> 
> Brian P. Maus
> Corporate Information Security
> Office: (513) 387-7873
> FAX:    (513) 387-7299
> 
> 
> 
> ------------------------------
> 
> _______________________________________________
> Owasp-cincinnati mailing list
> Owasp-cincinnati at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-cincinnati
> 
> 
> End of Owasp-cincinnati Digest, Vol 4, Issue 6
> **********************************************



More information about the Owasp-cincinnati mailing list