[OWASP-Philadelphia] *FINAL NOTICE * - April 17th Event
tomb at accessitgroup.com
Wed Apr 11 22:20:25 EDT 2007
NY/NJ Metro OWASP
Next Meeting: APRIL 17th 6:00pm - 9:00pm
Event Sponsor: UBS
Cost: $0.00 - RSVP REQUESTED
Marc Maiffret, Founder/CTO & Chief Hacking Officer eEye Digital Security
Topic: "It's More Than a Microsoft World & LIVE Hacking VISTA"
Jeremiah Grossman, Founder/CTO - White Hat Security
Topic: "Hacking Intranet websites from the outside"
Tom Brennan NY/NJ Metro OWASP - President
Topic: OWASP Version 2.0 Testing Guide
Meeting Address: UBS 499 Washington Ave, 1st Floor Jersey City, NJ 07310
YOUR RSVP IS REQUESTED for building security and refreshment headcount.
This event will 3 CPE Credits
6:00pm - 7:00pm Speaker: Marc Maiffret, Founder/CTO & Chief Hacking Officer eEye Digital Security As eEye Digital Security's Co-Founder/CTO and Chief Hacking Officer, Marc Maiffret has been a driving force in the vision and continuous innovation for eEye's product development and vulnerability research efforts since the company's inception in 1998. Long regarded as a security expert and thought leader in vulnerability assessment and endpoint security, Marc Maiffret also leads the efforts of eEye's world renowned Research Team. In addition, Mr. Maiffret speaks regularly on the state of security across the globe, including several appearances before Congress, where he has testified on information policies and security threats posed to both public and private infrastructures. Mr. Maiffret's role in vulnerability research, education and product innovation has been reflected in the numerous awards and distinguishments that eEye Digital Security continuously receives.
Abstract: "It's More Than a Microsoft World." While Microsoft has long been the primary target for criminals looking to exploit system vulnerabilities, now other applications such as Systems Management, QuickTime, iTunes and even security applications from companies like Symantec and McAfee are being used as a means of entry into the network. eEye's research team has identified these exploits as part of a growing trend of attacks that target consumer-oriented applications rather than the operating system itself, as well as bypass network-level security technologies traditionally used by organizations, including IDS gateways or gateway-based anti-virus systems. Now, applications like QuickTime or iTunes can represent a threat to the network's integrity. The reason is simple - Since Microsoft has been the dominant OS with the largest installed base, hackers naturally targeted it. However, as Microsoft has steadily improved its approach to security, criminals are looking to other "low hanging fruit." And they've had 5 whole years to practice against Microsoft, which means many applications are more vulnerable than ever. As an additional bonus Maiffret will demonstrate that although Microsoft has progressed in security they are not perfect. To help illustrate this fact Maiffret will be demonstrating live hacking a Windows Vista system with Office 2007.
7:00 - 8:00pm Speaker: Tom Brennan, President of NY/NJ OWASP Metro Tom specializes in providing business risk assessments and penetration testing of critical IT infrastructures for customers of his employer. In his spare time he spends way too much time on his computers (per his wife) donating time to OWASP projects and performing incident response.
Abstract: OWASP Version 2 Testing Guide Tom will discuss the co-authored release of the new OWASP V2 Testing Guide. In addition, Tom will also discuss the merger of the NYC and NJ OWASP Chapters and the current OWASP projects underway.
8:00pm - 9:00pm Speaker: Jeremiah Grossman, Founder/CTO - White Hat Mr. Grossman founded WhiteHat Security in 2001. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of web applications. As one of the world's busiest web properties, with over 17,000 web servers for customer access and 600 web applications, the highest level of security was required. Before Yahoo!, Mr. Grossman worked for Amgen, Inc.
Abstract: "HACKING INTRANET WEBSITES FROM THE OUTSIDE" This hour-long presentation will feature Jeremiah Grossman, WhiteHat Security Founder and CTO. Mr. Grossman will demonstrate: How a user is first infected or attacked using a malicious Web page or Cross-Site Scripting vulnerability; How a Web browser can be completely controlled or monitored remotely. How a Web browser can be used as a stepping stone to perform network reconnaissance on internal networks; and, How to exploit internal machines using a compromised Web browser
Meetings are FREE and open to the PUBLIC - RSVP IS REQUESTED as space is limited and required by building security!
Mass transit The Pavonia Ave Path stop is across the street and the Pavonia / Newport Mall Light Rail is behind the building.
Driving Directions to Newport From Holland Tunnel - At the first light out of the Tunnel, make a right (by the Gas Station). At the next light, make a right onto 18th Street. 18th Street will turn into Washington Boulevard. At the fourth light, make a right onto 6th Street. Take the next right onto Mall Drive East. Open parking lot is straight ahead.
>From Lincoln Tunnel - Upon exiting the Tunnel, immediately get into the far right lane. Follow the Hoboken exit sign and ramp. At the first light, the street becomes Willow Avenue. Continue straight through the light. Proceed on Willow Avenue for approximately 1.5 miles. Continue to the end. Turn right onto Observer Highway. At the first light, Henderson Avenue, turn left. Stay on Henderson Avenue, under rail tracks, at first light, 18th Street, turn left. Continue on 18th Street which turns into Washington Boulevard.
>From New Jersey Turnpike - Take the NJ Turnpike to exit 14C, the Holland Tunnel. After the toll, continue toward the Holland Tunnel. At the bottom of the ramp, turn right onto Jersey Avenue. Then immediately bear left up Newport Centre Mall ramp. Follow signs to the Parking Garage.
>From Garden State Parkway North - Exit at Route 22 Eastbound Exit 140. Stay on Route 22 East until Route 1&9 North onto the Pulaski Skyway. At the bottom of ramp, coming off Skyway going to the Holland Tunnel turn right. Immediately bear left up the ramp to Newport Centre Mall.
>From Garden State Parkway South - Exit at Parkway at Exit 145 onto Route 280 East. Stay on Route 280 until it ends. Then take Route 508 towards Jersey City. Route 508 joins Route 7, then after crossing bridges at the first traffic circle follow Route 1&9 North to Holland Tunnel. At the bottom of the ramp, turn right onto Jersey Avenue. Then bear to your left up the ramp to Newport Centre.
>From Route 3 (Eastbound) - Follow Route 3 towards Lincoln Tunnel/NYC. Stay in the far right lane. Exit at the Weehawken/Hoboken Exit ramp. Go through first traffic light bear slightly right to proceed down the hill. At the botton of the hill bear right again proceeding on the Boulevard. Follow to the end and make a right onto 14th Street. Then make the first left onto Willow Ave. Proceed on Willow Avenue for approximately 1.5 miles. Continue to the end. Turn right onto Observer Highway. At the first light, Henderson Avenue, turn left. Stay on Henderson Avenue, under rail tracks, at first light, 18th Street, turn left. Continue on 18th Street which turns into Washington Boulevard. Stay in right lane and continue on into Newport Centre Mall Parking Garage.
>From George Washington Bridge - Follow the sign off the bridge for NJ Turnpike South. Take NJ Turnpike to Route 78 East, Exit 14-14C. Exit main Turnpike onto Route 78 East for 14C-Holland Tunnel. After the toll at 14C continue towards the Holland Tunnel. At the bottom of the ramp going to the Holland Tunnel Plaza, at first light, make right onto Jersey Avenue. Then immediately bear left up the ramp to Newport Centre Mall.
YOUR RSVP IS REQUESTED
NY/NJ METRO OWASP
More information about the OWASP-Philadelphia