[Owasp-salt_lake] OWASP Salt Lake next meeting is scheduled for Thursday January 5, 2017 in conjunction with UtahSec

Dmitry Dessiatnikov dd at securityaim.com
Mon Jan 2 23:52:22 UTC 2017

OWASP Salt Lake, Happy New Year!

Don't forget our meeting this week on Thursday 1/5/2017 at 6-8 PM in conjunction with UtahSec at the LDS Church Riverton location. We will hear first from ISACA followed by OWASP presentation that I will do on the topic of integration of security into the web application software development process and data exfiltration out of web applications. Hope to see you all there.

Details below:


Thursday January 5th, 2017


6 - 8 pm

Meeting location:

LDS Riverton Office Building

3740 W 13400 S

Riverton, UT 84065

(Inform security guard at the front desk that you are attending OWASP)


"ISACA is presenting first."

"Followed by OWASP: How to integrate security into Agile SDLC using OWASP Application Security Verification Standard and how data is exfiltrated out of your web applications "

By Dmitry Dessiatnikov of Security Aim


OWASP Top 10 awareness document debuted in 2003, but it only covers top 10 risks, what about #11? Now in 2017 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.

This is an introductory presentation about what OWASP ASVS is and how to use it to integrate security into the aspects of Agile software development process. Such activities as definition of security-focused user stories, both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into the early phases of the Agile software development process to address the risks of security bugs pushed to production during frequent releases.

As a bonus we will discuss a Same Origin Policy bypass that allows data exfultration that most applications are not protected from.


Dmitry Dessiatnikov

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-salt_lake/attachments/20170102/e97f050a/attachment.html>

More information about the Owasp-salt_lake mailing list