Bay Area

NEXT EVENT:

January, 24th @ 6PM - PG&E Building

OWASP Bay Area will host its next meeting at the Pacific Gas & Electric on Thursday, January 24. As usual attendance is free and food and beverages will be provided. This will be an awesome event and a great opportunity to network with industry peers. The event is open to the public; please forward this invite to your colleagues and friends who are interested in computer and application security.

Agenda and Presentations:

6:00pm - 6:30pm ... Check-in and Holiday Reception (food & beverages)

6:30pm - 7:15pm ... Flash® Security – Peleus Uhley, Adobe Systems

7:15pm - 8:00pm ... Application Security and PCI Compliance – Jim Cowing, Digital Resource Group

8:00pm - 8:30pm ... Networking Session

Venue: Pacific Gas & Electric 245 Market Street San Francisco, CA 94105

Flash Security

Presented by: Peleus Uhley, Adobe Systems

Abstract: Adobe Flash Player is deployed on over 90% of all computer systems and is utilized by millions of websites. This talk will discuss the Flash Player security model, common Flash mistakes and tools for securing Flash content.

Bio: Peleus Uhley is a senior security researcher within the Secure Software Engineering team at Adobe. His primary focus is assisting with Adobe platform technologies, including Flash Player and Adobe AIR. Prior to working with Adobe, Peleus gained his security experience by working as a security consultant for @stake and Symantec, and as a developer for Anonymizer, Inc.

Presented by: James Cowing, CPA, CISSP, QSA, QPASP, Managing Director, Digital Resource Group

Abstract: Application security has greatly influenced the Payment Card Industry’s (PCI) efforts to reduce risk through the Data Security Standards. This talk will give you real world experiences on how organizations are addressing the application security requirements and what is coming in the near future. Topics will include:

·        PCI DSS Requirement 6: “Develop and maintain secure systems and applications” (with special attention to the June 30th deadline for Application firewalls)

·        How the new Payment Application Data Security Standard (PA-DSS) reported to release this calendar quarter effects merchants, service providers and the application development community

·        Requirements for testing including application-layer penetration tests

Bio: As the original founder of DRG in 1997, James Cowing leads DRG's Information Security Consulting practice. With over ten years of security consulting experience and twenty years of financial services industry experience, Mr. Cowing has helped thousands of government, financial services, ecommerce, enterprise, and health care companies maneuver through the often complex and stringent security compliance requirements of their respective industry. Mr. Cowing is a seasoned payment card industry professional, renowned speaker and trusted security advisor to industry leading financial institutions, merchants, and service providers. He holds a CPA certification in California and Hawaii, an MBA in Finance and a BA from UCLA in Economics. Mr. Cowing served as the co-chair of the Security Committee for the Financial Services Technology Consortium (FSTC) and is currently a member of ISACA, ISSA, Computer Security Institute and the American Institute of Certified Public Accountants (AICPA) Information Technology Division.

Please RSVP by responding to this email or visit http://owaspjan2008.eventbrite.com

Special thanks to Pacific Gas & Electric for hosting this event.