Salt Lake City

The next meeting is scheduled for Thursday, May 7th in conjunction with UtahSec
Date:

 May 7th, 2015

Time:

6 - 8 pm

Meeting location:

LDS Riverton Office Building

3740 W 13400 S

Riverton, UT 84065

(Inform security guard at the front desk that you are attending OWASP)

'Agenda: "OAuth and Open-ID-Connect" presentation by Cameron Morris. Abstract: In 2014 Eran Hammer removed himself from the OAuth 2.0 spec that he helped create. He complained that the simple protocol had been converted into complex framework that will likely lead to security vulnerabilities. Despite his warning, the industry has marched forward with OAuth 2.0 and OpenID-Connect. In this discussion we'll dissect OAuth 2.0 and OpenID Connect enough help expose some common pitfalls and what to look for in a flawed implementation." '

Everyone is welcome to join us at our chapter meetings

OpenSAMM Project - Alan Jex - 3 Jan 2013
Alan discussed the Open Security Assurance Maturity Model (OpenSAMM) including his success at leveraging it to do a successful crawl/walk/run expansion of AppSec at his day job. HP hosted and served food (thanks!). Slides are available by clicking [[media:UtahSec-Software_Assurance_Maturity_Model.pptx|here.]]