Columbus

Columbus

Local News
– REMINDER – Next chapter meeting - 9/16/2008; details below We are still seeking one or two more board members and to get the local community involved by publicizing the chapter. We are currently planning activities for the remainder of 2008; at least one chapter meeting per quarter - more if interest warrants.

To submit educational topics for upcoming meetings, please submit your powerpoint using the OWASP Template and include a speaker BIO. Any inquiries regarding chapter or meeting sponsors can be directed to [mailto:owasp(at)hayesdf.com Chris Hayes]. Please begin the subject header with: [OWASP COLUMBUS].

Thank you!

September (Q3) 2008 Meeting
When: September 16th, 2008, 11:00 AM - 1:00 PM, Doors open at 10:30 AM; ** Refreshments Provided **

Where: Conference Room G, 215 N. Front St, Columbus, OH 43215 (corner of N. Front and W. Spring). http://maps.google.com/maps?f=q&hl=en&geocode=&q=215+N.+Front+Street,+Columbus,+OH&sll=37.0625,-95.677068&sspn=58.731174,113.203125&ie=UTF8&layer=x&ll=39.96903,-83.005207&spn=0.007038,0.013819&z=16

RSVP: Send email to owasp@hayesdf.com. This is highly recommended for security and logistical purposes. Those that RSVP will receive a calendar/meeting invite from owaspcmh@gmail.com. Virtual meeting details will be provided to those who RSVP and declare they will not be able to attend in person.

Parking: Recommend parking at the Front St. Garage; (about 120 yards from 215 N. Front St.) Signs will be posted at 215 N. Front St.

General Session Topic: Centralized Security Functionality In a .NET World – The OWASP .NET ESAPI Project

Who: Alex Smolen, Consultant, Foundstone Professional Services

The Enterprise Security Application Programming Interface, or ESAPI, is a one-stop security shop for developers looking to implement security mechanisms in their code. The OWASP .NET ESAPI project intends to help .NET developers avoid introducing security vulnerabilities into their code by providing a full port of the original ESAPI project from Java to C#.

This talk will explore the gains, gripes, and gotchas of converting the ESAPI to .NET from the .NET ESAPI project lead himself. It will discuss features of the .NET frameworks security model, key differences between the Java and .NET platforms, and ASP.NET web security issues. Additionally, future ideas for .NET specific functionality will be proposed and discussed. Participation and feedback from the attendees is expected and encouraged.

Foundstone® Professional Services, a division of McAfee. Inc., offers expert services and education to help organizations continuously and  measurably protect their most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and  leverage security investments more effectively. The company’s professional services team consists of recognized security experts and authors with broad  security experience with multinational corporations, the public sector, and the  US military.