[Owasp-sanfran] Chapter Meeting - January 25, 2007

Anastasia Stamos anastasia at isecpartners.com
Tue Jan 16 15:08:04 EST 2007


!!!PLEASE RSVP TO Anastasia Stamos at anastasia at isecpartners.com AS THERE IS LIMITED SPACE!!! 

On January 25th, 2007 we will hold our second formal meeting and first social mixer. Time and coordinates for the meeting are below. 

WHAT: San Francisco OWASP Chapter Meeting and Mixer

WHEN: Thursday, January 25th, 2007 
       
	 6:00-6:30   Social (Food and Drinks) and Chapter Announcements

       6:30-8:00   "XML Digital Signature and Encryption: Use and Abuse" 			 Brad Hill, iSEC Partners

       8:00-8:30   Q and A and Social Continued...

WHERE: iSEC Partners offices located @ 115 Sansome Street Suite 1005 (10th Floor), San Francisco, CA (http://www.isecpartners.com)
We recommend arriving by public transit as parking is extremely limited.

WHY: To network, socialize and learn more about Web Application Security 

WHO: Brian Christian, Chapter President, will give chapter details and Brad Hill of iSEC Partners will deliver the presentation "XML Digital Signature and Encryption: Use and Abuse".


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 

"XML Digital Signature and Encryption: Use and Abuse"
Abstract:
The WS-Security set of standards is on the threshold of ubiquitous deployment and XML applications have already taken over the world.  This presentation looks at two underlying technologies, XML Digital Signature (XMLDSIG) and XML Encryption (XMLENC), their place in the Web Services stack and their applicability to non-SOAP XML applications.   Beginning with a basic overview of the standards, we will uncover some surprising caveats and risks in the use of these technologies.

Security Consultant - Brad Hill

Brad Hill is a Security Consultant with iSEC Partners.  Brad Hill brings
to iSEC a decade-plus background working with Internet technologies,
including serving as the lead developer of Web applications and
frameworks for one of the premier private label recordkeeping and
management companies in the financial services industry, where his
responsibilities also included security training, policy development and
compliance.  With iSEC he has performed penetration testing and design
review for a wide spectrum of products and technologies, most recently
participating in the Final Security Review of Microsoft Windows Vista.
Brad achieved the Certified Information Systems Security Professional
(CISSP) credential in 2004.



More information about the Owasp-sanfran mailing list