Denver

From OWASP

1 Welcome to the OWASP Denver Local Chapter
2 Participation
3 Special Event! Front Range OWASP Conference, 10 June 2008!
4 Next Meeting
5 Future Meetings
6 Past Meetings
7 Chapter Planning Pages

Welcome to the OWASP Denver Local Chapter

Welcome to the local Denver chapter homepage. Chapter leaders are Eric Duprey and David Campbell.

Participation

OWASP chapter meetings are free and open to anyone interested in application security. We encourage members to give presentations on specific topics and to contribute to the local chapter by sharing their knowledge with others. Prior to participating with OWASP please review the Chapter Rules.

To join the chapter mailing list, please visit our mailing list homepage. The list is used to discuss the meetings and to arrange meeting locations. You can also review the email archives to see what folks have been talking about. Please check the mailing list before coming to a meeting to confirm the location and time and to catch any last minute notes.

Special Event! Front Range OWASP Conference, 10 June 2008!

The Denver OWASP Chapter, in conjunction with the Boulder OWASP Chapter, is proud to present the FROC this June. We have an assortment of top notch speakers but have managed to keep this a *free conference*! Please register now at the FROC website

Next Meeting

The next meeting of the DENVER OWASP chapter will be held Wednesday 21 May 2008 at Raytheon Polar Services, 7400 S. Tucson Way, Centennial, CO 80112. [gMaps Link]

Topic: Cross Site Scripting, Exploits and Defenses

Agenda:

6-6:30 Dinner (at RPSC; provided by Fishnet Security.

6:30 - 6:40 Chapter business

6:40 - 8:00 Presentation and Q&A

Following the meeting we will have informal discussions over beverages at a local pub TBD.

Speakers

Chapter leaders David Campbell and Eric Duprey will be presenting on the emerging threat of cross site scripting (XSS) vulnerabilities.

For a long time, the impact of XSS vulnerabilities has been grossly underestimated. Recent compromises, such as the pro-Hillary defacement of Barack Obama's website demonstrated the impact of XSS vulnerabilities to the masses.

During this presentation, we will demonstrate exactly how effective XSS vulns can be, and show you what you can do to protect yourself and your sites. We intend to make this presentation interactive, so bring a laptop and be prepared to join in the fun.

David Campbell is an infosec veteran, with experience ranging from penetration testing for Fortune 100's to architecting security solutions for large multinational financials to consulting for government agencies. DC is presently head of security engineering for Raytheon Polar Services, and is also on the board of directors of Psiframe Inc., a San Francisco based security consultancy.

Eric Duprey is a Senior Security Engineer for Dish Network Corporation.