[Owasp-sanjose] Next OWASP Event on 9/6, Workshop and Panel Discussion

Brian Bertacini (OWASP) brian.bertacini at owasp.org
Fri Aug 24 13:28:11 EDT 2007

Greetings IT Professionals,


To commemorate Global Security Week the San Francisco and San Jose OWASP
chapters will host a joint event at eBay's Town Square Center on Thursday,
September 6.  As usual attendance is free and food and beverages will be


Agenda and Presentations:  

5:00pm - 5:30pm           Check-in and Reception (food and beverages)

5:30pm - 6:45pm           Malicious Code Injection Workshop

6:45pm - 6:55pm           Break

6:55pm - 8:10pm           Panel Discussion - Privacy, Security and Breaches,
Oh My!  

8:10pm - 8:30pm           Networking Session



eBay - Town Square B

2161 North First Street

San Jose, CA 95131

Map and Directions:  


Malicious Code Injection Workshop

SQL Injection, Cross-site Scripting (XSS) and other injection attacks
techniques have become pervasive on the web.  This hands-on workshop takes
an in-depth look at common methods used to exploit web applications.
Attendees will learn step-by-step techniques used by attackers allowing them
to better understand how web applications are exploited.  Each attack method
is followed up with a discussion about effective countermeasures to defend
against such attacks.  


This interactive workshop includes a victim web application that contains
built-in vulnerabilities.  Attendees can bring their own laptop computers
and participate in hands-on lab sessions.  The objective of this workshop is
to learn secure development practices used to harden the security of
applications.  Attendee participation is encouraged and door prizes will be
awarded at random.  


Workshop Instructor: 

Siva Ram, CISA

Senior Consultant, AppSec Consulting 


Panel Discussion: "Privacy, Security and Breaches, Oh My!"  

This panel discussion will review the current state of information privacy
and the security of web applications.  Security breaches are occurring at an
alarming rate and consumers are loosing faith.  What, if anything can be
done to restore confidence in e-commerce?


What can we learn from events at Card Systems are more recently Monster.com?
What can be done to ensure your company is not the next victim of a class
action and/or hackers and data thieves?  Join an all-star panel of
Information Privacy and Data Security professionals to better understand
what's at stake and how to stay out of the headlines.  


Moderator:         Alex Stamos, iSEC Partners 

Panelists:          Doran Rotman, KPMG (co-author, Generally Accepted
Privacy Principles)

                        David Pollino, Washington Mutual Bank

                        Robert Fly, Salesforce.com

                        Larry Pingree, Safeway (co-founder, Digital
Forensics Association)


Please RSVP at http://owaspday.eventbrite.com
<http://owaspday.eventbrite.com/>  or reply to this email.  Feel free to
invite like minded IT Security Professionals and help grow OWASP.      


Note:  To participate in the exercise bring an 802.11b/g equipped laptop
with IE or Firefox installed. No hostile code will be put on your laptop by
the instructors, but do have a firewall running to protect yourself. No
wired connection to the class network will be provided.


Thank you,

Brian Bertacini

San Jose OWASP Volunteer







-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-sanjose/attachments/20070824/6d212b51/attachment.html 

More information about the Owasp-sanjose mailing list