[Owasp-sanantonio] OWASP San Antonio: Meeting Jan 31

Dan Cornell dan at denimgroup.com
Wed Jan 23 13:04:44 EST 2008


Sorry that OWASP San Antonio has been quiet for a couple of months over
the holidays.  Things should be heating back up and we are now kicking
off what will hopefully be a great 2008.

Our first meeting will be Thursday Jan 31 at the San Antonio Tech Center
and the topic will be "Static Analysis Techniques for Testing
Application Security" 

More details are below.  I hope to see everyone there and please bring a




San Antonio OWASP Chapter: January 2008 Meeting
Topic: Static Analysis Techniques for Testing Application Security
Presenter: Dan Cornell
Date: January 31st, 11:30am - 1:00pm
San Antonio Technology Center (Web Room)
3463 Magic Drive
San Antonio, TX 78229

Static Analysis of software refers to examining source code and other
software artifacts without executing them.   This presentation looks at
how these techniques can be used to identify security defects in
applications.  Approaches examined will range from simple keyword search
methods used to identify calls to banned functions through more
sophisticated data flow analysis used to identify more complicated
issues such as injection flaws.  In addition, a demonstration will be
given of two freely-available static analysis tools: FindBugs for the
Java platform and FXCop for the .NET platform.  Finally, some approaches
will be presented on how organizations can start using static analysis
tools as part of their development and quality assurance processes.

Presenter Bio:
Dan Cornell has over ten years of experience architecting and developing
web-based software systems. He leads Denim Group's security research
team in investigating the application of secure coding and development
techniques to improve web-based software development methodologies.

Dan was the founding coordinator and chairman for the Java Users Group
of San Antonio (JUGSA) and is currently the San Antonio chapter leader
of the Open Web Application Security Project (OWASP). He is a recognized
expert in the area of web application security for
SearchSoftwareQuality.com and the primary author of Sprajax, OWASP's
open source tool for assessing the security of AJAX-enabled web

Sodas and snacks will be provided.  Feel free to bring a brown-bag

Please RSVP: E-mail owasprsvp at denimgroup.com  or call (210) 572-4400.

More information about the Owasp-sanantonio mailing list