[Owasp-sanfran] Next Tuesday - OWASP Chapter Meeting- San Francisco and San Jose Chapters

Anastasia Stamos anastasia at isecpartners.com
Thu Mar 1 13:08:23 EST 2007


** Please note that this meeting starts later to accommodate our San
Jose chapter members. Don't forget to rsvp to anastasia at isecpartners.com
**


WHAT: San Francisco and San Jose OWASP Chapter Meeting 

WHEN: Tuesday, March 6, 2007

6:30-7:00   Social (Food and Drinks) and Chapter Announcements

7:00-8:30   Presentation and Q and A- Dinis Cruz (Chief OWASP
Evangelist)

WHERE: iSEC Partners offices located @ 115 Sansome Street Suite 1005
(10th Floor), San Francisco, CA (http://www.isecpartners.com ). We
recommend arriving by public transit as parking is extremely limited.



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


- OWASP, the Open Web Application Security Project 

The Open Web Application Security Project (OWASP) is an open community
dedicated to enabling organizations to develop, purchase, and maintain
applications that can be trusted. All of the OWASP tools, documents,
blogs, and chapters are free and open to anyone interested in improving
application security. In this presentation Dinis will show the latest
guides and tools from OWASP which should be part of every company's
security efforts. 

 

   - Buffer Overflows on .Net and Asp.Net 

One of the common myths about the .Net Framework is that it is immune to
Buffer Overflows.  Although this might be correct in pure managed and
verifiable .Net code, large percentage of .Net and Asp.Net applications
code is unmanaged code.  In this talk Dinis will show the areas in .Net
and Asp.Net applications that are vulnerable to Buffer Overflows
(including the demo of a .Net Buffer Overflow Fuzzer).

 

   - Owning Vista's userland - The CAS / UAC missed opportunity, and
what I think MS should had done

In this presentation Dinis will explore the missed opportunity by
Microsoft to use technologies like .Net's CAS (Code Access Security) and
Vista's UAC (User Access Control) to create secure and trustworthy
userland environments that protect the user's assets. In the hope that
might make a small difference, ideas and solutions for the future will
also be presented.





 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-sanfran/attachments/20070301/f4e88086/attachment-0001.html 


More information about the Owasp-sanfran mailing list