New Jersey

To submit educational topic for a future meeting please provide a short paragraph of the talk or powerpoint and speaker BIO and email [mailto:jinxpuppy(at)gmail.com Submit Talk] or call 973-202-0122 if you wish to host a meeting or become a chapter sponsor.

= NY/NJ OWASP Chapter Leaders =  
 * President: [mailto:jinxpuppy(at)gmail.com Tom Brennan]
 * Vice President: [mailto:peter.perfetti(at)abnamro.com Pete Perfetti]
 * Treasurer: [mailto:BrianPei(at)yahoo.com Brian Peister]
 * Membership Chair: [mailto:santoniewicz(at)net2s.com Steve Antoniewicz]
 * PR Chair: [mailto:pster100(at)gmail.com Peter Stern]
 * Communications: [mailto:KReiter(at)insidefsi.net Kevin Reiter]
 * Project Chair: [mailto:Tom.ryan(at)providesecurity.com Tom Ryan]
 * Board Member/Projects: [mailto:oe2(at)njit.edu Osama Eljabiri]
 * Board Member/Programs: [mailto:mdontamsetti(at)gmail.com Mahi Dontamsetti]
 * Board Member: [mailto:stanguzik(at)yahoo.com Stan Guzik]

=2007 MEETINGS=

APRIL 17th 6pm-9pm EST
WHERE

RSVP REQUESTED

UBS - 499 Washington Ave, Jersey City, NJ DIRECTIONS

April Event Sponsors: White Hat Security, AccessIT Group, UBS, Xceedium, eEye Digital Security, AirTight Networks

AGENDA

 6:00pm - 7:00pm Speaker: Marc Maiffret, Founder/CTO & Chief Hacking Officer eEye Digital Security As eEye Digital Security’s Co-Founder/CTO and Chief Hacking Officer, Marc Maiffret has been a driving force in the vision and continuous innovation for eEye’s product development and vulnerability research efforts since the company’s inception in 1998. Long regarded as a security expert and thought leader in vulnerability assessment and endpoint security, Marc Maiffret also leads the efforts of eEye’s world renowned Research Team. In addition, Mr. Maiffret speaks regularly on the state of security across the globe, including several appearances before Congress, where he has testified on information policies and security threats posed to both public and private infrastructures. Mr. Maiffret’s role in vulnerability research, education and product innovation has been reflected in the numerous awards and distinguishments that eEye Digital Security continuously receives.

Abstract: “It’s More Than a Microsoft World.” While Microsoft has long been the primary target for criminals looking to exploit system vulnerabilities, now other applications such as Systems Management, QuickTime, iTunes and even security applications from companies like Symantec and McAfee are being used as a means of entry into the network. eEye's research team has identified these exploits as part of a growing trend of attacks that target consumer-oriented applications rather than the operating system itself, as well as bypass network-level security technologies traditionally used by organizations, including IDS gateways or gateway-based anti-virus systems. Now, applications like QuickTime or iTunes can represent a threat to the network's integrity. The reason is simple - Since Microsoft has been the dominant OS with the largest installed base, hackers naturally targeted it. However, as Microsoft has steadily improved its approach to security, criminals are looking to other "low hanging fruit." And they've had 5 whole years to practice against Microsoft, which means many applications are more vulnerable than ever. As an additional bonus Maiffret will demonstrate that although Microsoft has progressed in security they are not perfect. To help illustrate this fact Maiffret will be demonstrating live hacking a Windows Vista system with Office 2007.

--

 7:00 - 8:00pm Speaker Tom Brennan - NY/NJ OWASP Metro President/AccessIT Group Risk Practice Manager - AccessIT. Tom Brennan specializes in providing business risk assessments and penetration testing of critical IT infrastructures. His technical focus includes web application, VOIP and Wireless. Tom’s assessment methodology is based on the National Security Agency INFOSEC Assessment Methodology and the Open Source Security Testing Methodology Manual (OSSTMM). Tom is has been featured on NYC Channel 5, Channel 7 as a subject matter security expert

Abstract: OWASP Version 2 Testing Guide This talk will discuss the co-authored release of the new OWASP Testing Guide. The open-source (free) goal was to create a "best practices" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes how to find certain issues. Tom will also discuss the OWASP chapter goals for 2007 and results of the 2007 member survey.

--

 8:00pm - 9:00pm Speaker Jeremiah Grossman, Founder/CTO - White Hat Mr. Grossman founded WhiteHat Security in 2001. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of web applications. As one of the world's busiest web properties, with over 17,000 web servers for customer access and 600 web applications, the highest level of security was required. Before Yahoo!, Mr. Grossman worked for Amgen, Inc.

Abstract: “HACKING INTRANET WEBSITES FROM THE OUTSIDE”  This hour-long presentation will feature Jeremiah Grossman, WhiteHat Security Founder and CTO. Mr. Grossman will demonstrate: How a user is first infected or attacked using a malicious Web page or Cross-Site Scripting vulnerability; How a Web browser can be completely controlled or monitored remotely. How a Web browser can be used as a stepping stone to perform network reconnaissance on internal networks; and, How to exploit internal machines using a compromised Web browser

--

RSVP REQUESTED

After the event you are invited to walk several doors down to Dorrians Tavern where we will continue networking with your industry peers over a pint. "Cheers"

DIRECTIONS RSVP REQUESTED

For Mass transit, the Pavonia Ave Path stop is across the street and the Pavonia / Newport Mall Light Rail is behind the building.

Driving Directions to Newport

From Holland Tunnel - At the first light out of the Tunnel, make a right (by the Gas Station). At the next light, make a right onto 18th Street. 18th Street will turn into Washington Boulevard. At the fourth light, make a right onto 6th Street. Take the next right onto Mall Drive East. Open parking lot is straight ahead.

From Lincoln Tunnel - Upon exiting the Tunnel, immediately get into the far right lane. Follow the Hoboken exit sign and ramp. At the first light, the street becomes Willow Avenue. Continue straight through the light. Proceed on Willow Avenue for approximately 1.5 miles. Continue to the end. Turn right onto Observer Highway. At the first light, Henderson Avenue, turn left. Stay on Henderson Avenue, under rail tracks, at first light, 18th Street, turn left. Continue on 18th Street which turns into Washington Boulevard.

From New Jersey Turnpike - Take the NJ Turnpike to exit 14C, the Holland Tunnel. After the toll, continue toward the Holland Tunnel. At the bottom of the ramp, turn right onto Jersey Avenue. Then immediately bear left up Newport Centre Mall ramp. Follow signs to the Parking Garage.

From Garden State Parkway North - Exit at Route 22 Eastbound Exit 140. Stay on Route 22 East until Route 1&9 North onto the Pulaski Skyway. At the bottom of ramp, coming off Skyway going to the Holland Tunnel turn right. Immediately bear left up the ramp to Newport Centre Mall.

From Garden State Parkway South - Exit at Parkway at Exit 145 onto Route 280 East. Stay on Route 280 until it ends. Then take Route 508 towards Jersey City. Route 508 joins Route 7, then after crossing bridges at the first traffic circle follow Route 1&9 North to Holland Tunnel. At the bottom of the ramp, turn right onto Jersey Avenue. Then bear to your left up the ramp to Newport Centre.

From Route 3 (Eastbound) - Follow Route 3 towards Lincoln Tunnel/NYC. Stay in the far right lane. Exit at the Weehawken/Hoboken Exit ramp. Go through first traffic light bear slightly right to proceed down the hill. At the botton of the hill bear right again proceeding on the Boulevard. Follow to the end and make a right onto 14th Street. Then make the first left onto Willow Ave. Proceed on Willow Avenue for approximately 1.5 miles. Continue to the end. Turn right onto Observer Highway. At the first light, Henderson Avenue, turn left. Stay on Henderson Avenue, under rail tracks, at first light, 18th Street, turn left. Continue on 18th Street which turns into Washington Boulevard. Stay in right lane and continue on into Newport Centre Mall Parking Garage.

From George Washington Bridge - Follow the sign off the bridge for NJ Turnpike South. Take NJ Turnpike to Route 78 East, Exit 14-14C. Exit main Turnpike onto Route 78 East for 14C-Holland Tunnel. After the toll at 14C continue towards the Holland Tunnel. At the bottom of the ramp going to the Holland Tunnel Plaza, at first light, make right onto Jersey Avenue. Then immediately bear left up the ramp to Newport Centre Mall.

JUNE
WHERE TBD DIRECTIONS - RSVP

TOPICS

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

SEPTEMBER
WHERE TBD DIRECTIONS - RSVP

TOPICS

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

NOVEMBER
WHERE TBD DIRECTIONS - RSVP

TOPICS

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

Topic: TBD - Speaker TBD - [mailto:jinxpuppy(at)gmail.com SUBMIT TALK OUTLINE + SPEAKER BIO]

The chapter mailing address is: NY/NJ Metro OWASP 759 Bloomfield Ave #172 West Caldwell, New Jersey 07006 General: 973-202-0122 eMail: [mailto:jinxpuppy@gmail.com General]