[Owasp-kansascity] KC OWASP chapter meeting - Sept 6th

Bruce K. Marshall bmarshall at securityps.com
Wed Aug 22 13:06:54 EDT 2007


I am pleased to announce that the details for our next OWASP Kansas City
chapter meeting have been finalized.  We will get together on Thursday,
September 6th starting at 6:00 PM and finishing around 8:30 PM.  Add the
event to your calendar today so you don't miss this opportunity to learn
about web application security and network with your peers.


Here are the presentations planned for this meeting:


Speaker 1: Bob Phelps, National Bank Examiner with the Office of the
Comptroller of the Currency (OCC)


Bob will provide his insight on the financial regulatory environment and
how laws lead to specific information security standards and guidance.
Through his job he has performed a review of application security
practices in about a dozen midsize and large banks.  Bob will share the
results of this review and provide his recommendations on how to
establish a sound application security management program.


At the OCC Bob both works with the Policy division in Washington DC and
has bank supervisory responsibilities.  He leads and participates in
examinations of National Banks in NYC, KC, Omaha, and Minneapolis.  His
Policy responsibilities include evaluating emerging technologies and
their impact on the banking system, evaluating trends in information
security, and developing and delivering various training programs to
other examiners.



Speaker 2: Bruce K. Marshall, Senior Security Consultant with Security


Bruce will be speaking about how to avoid improperly using challenge
questions (e.g. "What is your pet's name?") for web app authentication.
While challenge questions tend to be user friendly they can also expose
your application to new security threats.  He will share his experience
on both choosing the best challenge questions and how to properly
integrate them into your application.


Bruce consults with clients like American Express, Garmin, Microsoft,
and Commerce Bank to assess and improve their information security
strategies in areas like network security, web app security,
authentication, and program management.



Date: September 6, 2007 - 6:00 PM - 8:30 PM





Centriq Training 

8700 State Line Road 

Suite 200 

Leawood, KS 66206 

(913) 322-7000



Thanks to Centriq Training for volunteering to host our chapter meeting!



Attendance of OWASP meetings is free and anyone interested in web
application security is welcome to attend.  Feel free to pass on this
meeting announcement to anyone else that would benefit from joining us.
You can also point them to our OWASP chapter web site:


RSVPs are not necessary to attend this meeting but are appreciated so
room seating is adequate.  Please RSVP to bmarshall at securityps.com
<mailto:bmarshall at securityps.com> .

Bruce K. Marshall, CISSP
bmarshall at securityps.com - 913-888-2111 x6140
Security PS - Kansas City - blog.securityps.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-kansascity/attachments/20070822/619641df/attachment.html 

More information about the OWASP-KansasCity mailing list