[Owasp-denver] [Invitation] Denver OWASP Meeting: The ASP .NET ESAPI Project @ Wed Oct 15 6pm – 8pm (owasp-denver at lists.owasp.org)
dcampbell dcampbell
dcampbell at owasp.org
Wed Oct 8 17:38:35 EDT 2008
owasp-denver at lists.owasp.org, you are invited to
Title: Denver OWASP Meeting: The ASP .NET ESAPI Project
Time: Wed Oct 15 6pm – 8pm (Timezone: Mountain Time)
Where: Raytheon Polar Services, 7400 S. Tucson Way, Centennial CO 80112
Calendar: owasp-denver at lists.owasp.org
Description: Centralized Security Functionality In a .NET World
The OWASP .NET ESAPI Project The Enterprise Security Application
Programming Interface, or ESAPI, is a one-stop security shop for developers
looking to implement security mechanisms in their code. The brainchild of
Jeff Williams, one of the founders of OWASP, the ESAPI is an open source
project that has gained traction with organizations looking to implement
secure applications using tried and tested code that is also well organized
and consistent. It includes functionality for validating and encoding data,
authenticating and authorizing users, logging, error handling, and more.
The API includes a Java reference implementation that can be extended to
allow any organization to integrate security functionality into their
Java/JEE applications.
But what about .NET? Many organizations are banking on the powerful
Microsoft programming framework to help them deliver robust and secure
software. However, like Java, .NET tends to leave it up to the end-user
programmers to get security code right. The OWASP .NET ESAPI project
intends to help .NET developers avoid introducing security vulnerabilities
into their code by providing a full port of the original ESAPI project from
Java to C#.
This talk, delivered by the leader of the .NET ESAPI project Alex Smolen,
will explore the gains, gripes, and gotchas of converting the ESAPI to .NET
from the .NET ESAPI project lead himself. It will discuss features of
the .NET frameworks security model, key differences between the Java
and .NET platforms, and ASP.NET web security issues. Additionally, future
ideas for .NET specific functionality will be proposed and discussed.
Participation and feedback from the attendees is expected and encouraged.
More information is at http://www.owasp.org/index.php/Denver
Thanks!
David Campbell
NOTE: if Wednesday or Centennial won't work for you, Alex will be
presenting on Tuesday, 14 Oct in Broomfield. See link below for details:
http://www.owasp.org/index.php/Boulder#Next_Meeting
You can view this event at
http://www.google.com/calendar/event?action=VIEW&eid=azBtNzRvZm5waXQ3Z21waTc0b3BkdWJybDAgb3dhc3AtZGVudmVyQGxpc3RzLm93YXNwLm9yZw&tok=MTkjZGNhbXBiZWxsQG93YXNwLm9yZ2UwMDMwMzQ0YjAyYmNkODQ2YzUxYTU3NGViMjA0ZjZkM2RjZTc2OWU&ctz=America%2FDenver&hl=en
You are receiving this courtesy email at the account
owasp-denver at lists.owasp.org because you are an attendee of this event.
To stop receiving future notifications for this event, decline this event.
Alternatively you can sign up for a Google account at
http://www.google.com/calendar/ and control your notification settings for
your entire calendar.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-denver/attachments/20081008/5aad8265/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/calendar
Size: 3290 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-denver/attachments/20081008/5aad8265/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: invite.ics
Type: application/ics
Size: 3290 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-denver/attachments/20081008/5aad8265/attachment-0001.bin
More information about the OWASP-DENVER
mailing list