[Owasp-denver] FINAL REMINDER: August OWASP Meeting, TONIGHT, 6pm @ Raytheon Polar, Centennial CO]

David Campbell dcampbell at owasp.org
Wed Aug 20 12:37:03 EDT 2008


Greetings everybody!  I look forward to seeing you this evening.
Tonight we have the pleasure of hearing Dan Cornell enlighten us on the
topic of Static Analysis.

Static Analysis of software refers to examining source code and other
software artifacts without executing them. This presentation looks at
how these techniques can be used to identify security defects in
applications. Approaches examined will range from simple keyword search
methods used to identify calls to banned functions through more
sophisticated data flow analysis used to identify more complicated
issues such as injection flaws. In addition, a demonstration will be
given of two freely-available static analysis tools: FindBugs for the
Java platform and FXCop for the .NET platform. Finally, some approaches
will be presented on how organizations can start using static analysis
tools as part of their development and quality assurance processes.

Dan Cornell has over ten years of experience architecting and developing
web-based software systems. He leads Denim Group’s security research
team in investigating the application of secure coding and development
techniques to improve web-based software development methodologies.

Dan was the founding coordinator and chairman for the Java Users Group
of San Antonio (JUGSA) and is currently the San Antonio chapter leader
of the Open Web Application Security Project (OWASP). He is a recognized
expert in the area of web application security for
SearchSoftwareQuality.com and the primary author of Sprajax, OWASP’s
open source tool for assessing the security of AJAX-enabled web
applications.


Agenda:

6-6:30 Dinner (at Raytheon Polar; pizza provided by Business Partner
Solutions.)

6:30 - 6:40 Chapter business

6:40 - 8:00 Presentation and Q&A

Following the meeting we will have informal discussions over beverages
at JD's Bait Shop.

Thanks to Raytheon Polar for hosting, to the Denim Group for bringing us
Dan, and to Business Partners Solutions for sponsoring pizza and
beverages beforehand.

If Wednesday or Denver is inconvenient, Dan will be addressing the
Boulder Chapter on the same topic tomorrow (Thursday) in Broomfield:
http://www.owasp.org/index.php/Boulder#Next_Meeting

Cheers,

-DC

-- 
Management, Developers, Security Professionals – can only result in one
thing…… better security.

http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference  Sept
22nd-25th 2008




More information about the OWASP-DENVER mailing list