[Owasp-rochester-announce] January Meeting Tomorrow

Michael Starks, CISSP owaspmaillist at michaelstarks.com
Sun Jan 21 22:28:39 EST 2007

Hello Everyone,

Our next meeting of the Rochester chapter of OWASP will be tomorrow at
6:00 PM.  As always, full details (including locations and direction)
can be found at the web site: http://www.owasp.org/index.php/Rochester

Ralf Durkee will be presenting on: Hands on Web Application Hacking with
the OWASP Web Goat.  Come see an actual demonstration of real hacking
techniques, and what the bad guys may be doing to your web site.
Details can be found  at the bottom of this e-mail.
Did you know that OWASP meeting attendance can be used towards  CISSP
CPE credits, and may also be valid for other certification continuing
education credits?
Do you know someone who would be interested in attending an OWASP
meeting?  Bring them along!  Meetings are always free.  Are you
interested in presenting on a web application security-related topic?
Let us know.  OWASP is driven by the community and we need your  help to
make it successful.

January Meeting Details

The January meeting will be postponed for a week this month, and is
scheduled for January 22.

Title:  Hands on Web Application Hacking with the OWASP Web Goat

Presenter: Ralph Durkee, CISSP, GSEC, GCIH, GSNA    Principal Security

Description: We'll explore and exploit web applications  vulnerabilities
using the OWASP Web Goat tool designed for training real-world web
application hacking techniques.   Group participation will be
encouraged.  All exploits will be done by a trained professional on an
off-the-net vulnerable application that you download from OWASP web
site so that you can "try this at home", but always with the appropriate
permission first, of course.

Bio: Ralph Durkee: Performing a wide variety of consulting and  training
projects including software development, systems and networking security
throughout his 25+ year career, Ralph is the president and founder of
Durkee Consulting, since 1996. His specialty focuses on Internet
security consulting and secure systems software development. He helped
write a major portion of the Web Application Security training  material
for the SANS LAMP (Linux Apache MySql PHP) course. Ralph is a recent
editor for the Center for Internet Security's Apache, Linux and DNS
BIND benchmark. Ralph is a seasoned security consultant and trainer and
holds GIAC certifications in GSEC since 2000 then GCIH since 2001 as
well as the GSNA and CISSP.

More information about the Owasp-rochester-announce mailing list