[Owasp-sanfran] OWASP Meeting - March 18th @ 6PM (The Gap, 2 Folsom St.)
OWASP - San Francisco Chapter
owasp-sanfran at lists.owasp.org
Wed Feb 25 17:02:48 EST 2009
It's been a while since we had a meeting, but I've been extremely busy working with my customers, getting married, finishing my degree, etc. It's time for an OWASP event in San Francisco and The Gap has been enough to host our next event:
REGISTER EARLY AS SEATING IS LIMITED
Please RSVP at http://bayareaowasp.eventbrite.com
Date and Location
March 18th @ 6PM - Gap Inc
Conference Center C
2 Folsom Street,
San Francisco , CA 94105
OWASP Bay Area will host its next meeting at Gap Inc in San
Francisco on Wednesday, March 18th. As usual attendance is free and
food and beverages will be provided. This will be an awesome event and
a great opportunity to network with industry peers. The event is open
to the public; please forward this invite to your colleagues and
friends who are interested in computer and application security.
Special thanks to Gap Inc for hosting this event.
5:45 PM - 6:15 PM ... Check-in and registration
6:15 PM - 7:15 PM ... Back to the Future - Phishing and Malware by Brendan O’Conner, Saleforce.com
7:15 PM - 7:30 PM ... Break
7:30 PM - 8:30 PM ... Testing Methodologies: White-box, Gray-Box, Black-box or Something Else by Kirk Greene, Accuvant
Back to the Future - Phishing and Malware by Brendan O’Conner, Saleforce.com
Abstract: The more things change, the more they stay the same.
We'll take a trip back in time to look at the phishing and anti-malware
solutions of the past. Why did they fail? With companies investing
hundreds of thousands of dollars or more in these solutions, what does
the future of this space look like and what tricks can you apply to
stay one step ahead?
Bio: Brendan O'Connor is originally from the Midwest ,
currently residing in the Bay Area as a security engineer . He worked
in security for a communications company for four years before
switching to the financial sector in 2004 and onto Software as a
Service in 2008. Brendan currently works on the Product Security team
at Salesforce.com, where his duties include vulnerability research,
security architecture, and application security.
Testing Methodologies: White-box, Gray-Box, Black-box or Something Else by Kirk Greene, Accuvant
Abstract: In this presentation we will discuss the different
testing methodologies used when assessing the security of both binary
applications as well as web-based applications. We will focus on the
differences and advantages as they relate to black-box testing,
white-box testing, gray-box testing, reverse engineering, and fuzzing.
Unfortunately there is no one testing methodology that provides the
best balance of time and accuracy for every application, in this talk
we will provide metrics for helping decide what methodology should be
used for what types of applications.
Bio: Kirk has been providing security consulting services for
over a decade. Through that time Kirk has served clients in a variety
of industries including federal and local government, healthcare,
financial services, telecommunications, e-Commerce, fuel and natural
gases, manufacturing, application service providers, gaming, Internet
start-ups, and Internet service providers. In his tenure with Accuvant,
Kirk has performed a variety of consulting and managerial
responsibilities from developing and performing financial institution
regulation audits to managing performing enterprise assessments for
multi-national corporations. Kirk is a Certified Information Systems
Security Professional (CISSP), ISS Certified Engineer, PCI Qualified
Data Security Professional (QDSP), Qualified Payment Application
Security Professional (QPASP).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-sanfran