[OWASP-Raleigh, NC] February 17th OWASP NC Meeting

Michael Menefee mmenefee at gmail.com
Tue Feb 17 22:08:37 EST 2009


Thanks for all who attended our first meeting, and for the input and 
participation on what we would like to focus on/issues that need 
addressing within our local chapter.

Some of the issues that were brought up tonight that we would like to 
discuss more (please respond If I left anything out) were:

    * Web Application Firewalls (WAFs)
    * ColdFusion Code Security (a fairly absent topic within OWASP
    * Mobile Browser Code (also a fairly absent topic within OWASP)
    * Browser-based security vs Web Server/code-based security
    * Flash & Other "java" like components which transcend the
      browser-security models
    * Document Object Model (DOM) Security
    * 'Thick' HTML clients, which utilize HTTP as a transport mechanism
      (such as Adobe AIR)

As a review, we covered the current OWASP Top 10 tonight. We are also 
joined up with the Raleigh ISSA Chapter to speak on the CWE Top 25 Most 
Dangerous Programming Errors (part 1 to occur on March 5th, I will send 
a more detailed invitation request). The standard cost for non-ISSA 
members is $10/person, but let me know if you would like to attend and I 
will see about sponsoring your attendance. part 2 will occur on the 
first Thurs of April (more info to follow).

As mentioned during tonight's meeting, please use our local mailing list 
to exchange ideas, ask questions/whatever. To send a message simply send 
an email to owasp-raleigh at lists.owasp.org and your email will be 
distributed to all members.

Again, thanks to all who attended, please let me know what you would 
like to see out of this chapter and lets get some more of our peers 

Thanks again to CFCU for hosting tonight's meeting, and a special thanks 
to Brian Nichols for coming all the way from Charlotte to attend tonight!

Michael S. Menefee
North Carolina OWASP Chapter Leader

More information about the Owasp-raleigh mailing list