[Owasp-rochester-announce] OWASP Meeting Sept 18th 12 noon - 1:30pm
rd at rd1.net
Mon Aug 31 11:22:23 UTC 2015
Rochester OWASP Chapter meeting
*Date:* Sept 18th 12 noon - 1:30pm
*Location:* Univ of Rochester College Town – Building 3
* (2nd floor above Constantino’s Grocery)
* Parking is for 2 hours outside the grocery store
*Cost:* The meeting is free.
*To Register:* Please RSVP by Sept 10th to Ralph.Durkee @ OWASP.org.
There will be pizza provided.
*Presentation:* OWASP Application Security – Building and Breaking
Application Security continues to be the most challenging and demanding
area for securing our information. Even large organizations like Google
and Microsoft that are well funded and have a strong commitment to
security have difficulty developing secure software. Too often, when a
vulnerability is found and a software patch is provided, the initial
patch is soon found to be lacking and is still vulnerable. The initial
patch for the recent Android StageFright vulnerability is a prime
example. So yes, writing secure software is a serious challenge, but it
can be done. Knowing how to build secure software and how to break
insecure software can be both fun and profitable. There is and will
continue to be a growing demand for developers and application
penetration testers that “get it”. We'll discuss specific examples from
the OWASP Top 10 and the OWASP secure coding principles about how things
can go very wrong, and what we can do to keep the bad guys out.
* OWASP Top 10 -
* OWASP Secure Coding Principles -
Come join your friends and bring your colleagues for a great
presentation, food, good drink, and fun conversation.
*Speaker:* Ralph Durkee
Ralph Durkee is the principal security consultant and owner of Durkee
Consulting, Inc since 1996. Ralph started the OWASP Rochester, NY
chapter in 2004 and served as founding officer and president for the
Rochester ISSA chapter and the annual Rochester Security Summit. He
routinely performs network and application penetration tests, software
security assessments and secure software development consultations for
clients. His expertise in penetration testing, incident handling, secure
software development and secure Internet and web applications is based
on over 30 years of hands-on technical experience. He has developed and
taught a wide variety of professional security seminars including custom
web application security training, and SANS SEC401 & SEC504 - Hacker
Techniques and Incident Handling and CISSP bootcamp courses since 2004.
Ralph also regularly consults on the development and implementation of a
wide variety of security standards such as web application security,
database encryption, Windows, and Linux security. Ralph also has done
security consulting for compliance with the Payment Card Industry Data
Security Standard, and holds the following certifications: CISSP, C|EH,
CRISC, GSEC, GCIH, GSNA, GCIA, and GPEN.
OWASP chapter meetings are free and open to anyone interested in
application security. We encourage members to give presentations on
specific topics and to contribute to the local chapter by sharing their
knowledge with others.
-- Ralph Durkee, CISSP, C|EH, GSEC, GCIH, GSNA, GCIA, GPEN
Principal Security Consultant