Bay Area

Local News
Bay Area

Date and Location
OWASP Meeting Monday, June 22nd * 5:30 pm San Francisco Federal Reserve Bank Office

OWASP Bay Area will host its next meeting at the Federal Reserve Bank of San Francisco on Monday, June 22nd. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security.

 Please note, because of high security measures at the Federal Reserve Bank, pre-registration is REQUIRED, so you can be issued a badge before entering the meeting.

http://www.eventbrite.com/event/355543440

Agenda
5:30 PM - 6:15 PM ... Check-in and networking 6:15 PM - 7:15 PM ... Analyzing Web Malware by Jeremy Brotherton 7:15 PM - 7:30 PM ... Break 7:30 PM - 8:30 PM ... Mobile Device Security by Dave Maynor

Speakers
Jeremy Brotherton Jeremy graduated from Iowa State University in 2006 with a Bachelor’s degree in Computer Engineering with an emphasis in Information Assurance. Currently, he is pursuing a Master’s degree in Computer Science at Stanford specializing in Computer and Network Security. Research interests include web-based malware and exploits, Intrusion Detection Systems and Forensics.

Presentation - Analyzing Web Malware In its "State of Internet Security Q3/Q4 2008", Websense reported that 70% of the top 100 websites either hosted malicious content or contained a masked redirect to compromised websites. Most recently, gumblar.cn successfully injected redirects into upwards of 3,000 websites. Analyzing web-based malicious content can be time-consuming and complex. This presentation will describe several common Javascript obfuscation techniques and how to use open-source tools to reveal the exploits hidden behind them. Additionally, this presentation will describe the techniques used within the malicious Flash file which was being hosted by gumblar.cn.

Dave Maynor Mr. Maynor has a strong background in application security, reverse engineering and exploit development. Before joining Accuvant, Dave cofounded Errata Security - a think tank organization that specializes in rapid application development and security research. Prior to Errata, Dave was the Senior Researcher for Secureworks and a research engineer with the ISS X-Force R&D team. A well recognized personality in the information security world, Dave is a popular author and has been featured in multiple publications over the last several years including Fox News, CNN, the Associated Press, Security Focus and a multitude of other information security news sources. Dave has been both a primary and contributing author to several industry leading security books including: Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, Syngress Force Emerging Threat Analysis: From Mischief to Malicious, and War Driving and Wireless Penetration Testing.

Presentation - Mobile Device Security This presentation will detail auditing and development techniques for exploits that target mobile phones with a heavy emphasis on threats that come from the web. Windows mobile and Google Android devices that will target the auditing and exploit discovery.

RSVP
REGISTER EARLY AS SEATING IS LIMITED

http://www.eventbrite.com/event/355543440

=Bay Area Past Events= Bay Area Past Events

Bay Area OWASP Chapter Leaders

 * [mailto:brian@appsecconsulting.com Brian Bertacini]
 * Garrett Gee
 * [mailto:mandeep@cenzic.com Mandeep Khera]
 * [mailto:robipapp@yahoo.com Robi Papp]