[Owasp-sanfran] SV-OWASP Meeting this Thursday, April 12

Anastasia Stamos anastasia at isecpartners.com
Mon Apr 9 18:08:29 EDT 2007

Hello All,


The next SV-OWASP Meeting will be Thursday, April 12, at Ariba from
6:00pm - 8:30pm.  


Agenda and Presentations:  

6:00pm - 6:30pm           Check-in and reception (food & bev)

6:30pm - 6:40pm           Chapter announcements

6:40pm - 7:40pm           Past, Present and Future of Web Application
Security in PCI

7:40pm - 8:10pm           Top Web Application Vulnerabilities, Exploits
and Countermeasures  

8:10pm - 8:30pm           Open discussion & Networking

Past, Present and Future of Web Application Security in PCI
Presented by: Bernie Weidel - PCI Product Manager, Qualys

Abstract: This presentation will start off with a holistic view of
Ecommerce Data Security in contrast to the overall scope of Fraud in the
Financial Services Industry, thereby giving insights as to why the PCI
DSS was created by the Credit Card Brands and developed into its current
form. Next, we will explore the current state of Web Application
Security in the PCI DSS v1.1 and attempt to bring clarity to some of the
more confusing items. We will also outline the structure of the PCI DSS
Council; reviewing its key concepts and requirements. Lastly, we will
outline methods you can use to proactively get involved in shaping
future versions of the PCI DSS.

Bio: Bernie Weidel, Product Manager for QualysGuard PCI is responsible
for evaluating customer/partner requirements, integrating them into the
product, and driving PCI to market. Bernie has been developing methods
to achieve and evidence compliance since 2000, when he designed a HIPAA
compliance program for Scarborough Insurance Agency. Prior to joining
Qualys, Bernie was an Infrastructure Security Project Manager at Adobe
Systems where he implemented, managed and streamlined SOX and PCI
compliance programs. He was also responsible for various aspects of
security such as Web Application Security, Database Security, PDA
Security and Vulnerability Management. Before Adobe, Bernie worked for
Symbol Wireless Technologies as a Wireless Systems Analyst; designing,
installing and troubleshooting/fine tuning Enterprise Wireless Networks.

Top Web Application Vulnerabilities, Exploits and Countermeasures
Presented by: Josh Daymont - Sr. Security Consultant, Fortify

Abstract: This presentation will take a look at Web Application Security
from the Front lines to the back offices of systems development. First,
a look at the top vulnerabilities and how are they exploited. Then look
beyond the front lines and explore countermeasures that can be
implemented during the development process to protect applications and
sensitive data after deployment.



807 11th Avenue
Sunnyvale, Ca 94089

Open to the public, attendance is free



Complementary food and beverages will be provided and parking is FREE.
I look forward to seeing you at this event.  Please RSVP by email
frank at appsecconsulting.com or call Frank Sandolo at (917) 270-5570.
Special thanks to Ariba for hosting this meeting.  


Thank you,



Brian Bertacini

OWASP Volunteer Coordinator


To remove yourself from this mailing list please reply with "remove" in
the subject line



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-sanfran/attachments/20070409/f7368da2/attachment-0001.html 

More information about the Owasp-sanfran mailing list