[Owasp-rochester-announce] January Meeting March 22

Ralf Durkee rd at rd1.net
Mon Jan 15 13:43:29 EST 2007

Hello Everyone,

Our next meeting of the Rochester chapter of OWASP will be on Monday,
January 22, 2007 at 6:00 PM (note that this is the fourth Monday of the
month, instead of the normal third Monday).  Ralf Durkee will be
presenting on: Hands on Web Application Hacking with the OWASP Web Goat.
  Come see an actual demonstration of real hacking techniques, and what
the bad guys may be doing to your web site.  Details can be found at the
bottom of this e-mail.
Did you know that OWASP meeting attendance can be used towards CISSP CPE
credits, and may also be valid for other certification continuing
education credits?
Do you know someone who would be interested in attending an OWASP
meeting?  Bring them along!  Meetings are always free.  Are you
interested in presenting on a web application security-related topic?
Let us know.  OWASP is driven by the community and we need your help to
make it successful.

January Meeting Details

The January meeting will be postponed for a week this month, and is
scheduled for January 22.

Title:  Hands on Web Application Hacking with the OWASP Web Goat

Presenter: Ralph Durkee, CISSP, GSEC, GCIH, GSNA    Principal Security

Description: We'll explore and exploit web applications vulnerabilities
using the OWASP Web Goat tool designed for training real-world web
application hacking techniques.   Group participation will be
encouraged.  All exploits will be done by a trained professional on an
off-the-net vulnerable application that you download from OWASP web site
so that you can "try this at home", but always with the appropriate
permission first, of course.

Bio:  Ralph Durkee: Performing a wide variety of consulting and training
projects including software development, systems and networking security
throughout his 25+ year career, Ralph is the president and founder of
Durkee Consulting, since 1996. His specialty focuses on Internet
security consulting and secure systems software development. He helped
write a major portion of the Web Application Security training material
for the SANS LAMP (Linux Apache MySql PHP) course. Ralph is a recent
editor for the Center for Internet Security's Apache, Linux and DNS BIND
benchmark. Ralph is a seasoned security consultant and trainer and holds
GIAC certifications in GSEC since 2000 then GCIH since 2001 as well as
the GSNA and CISSP.

More information about the Owasp-rochester-announce mailing list