Hartford

Hartford

Sponsors
We would like to thank Fortify, Veracode, Oracle, The 451 Group, The Hartford and IBM for their generous sponsorship and helping make application security visible...

If you would like to sponsor either the food and/or door prizes for an upcoming meeting, please email [mailto:owasp@jamesmcgovern.com James McGovern] with your proposal. Independent of any financial considerations, sponsorship priority is driven by those who drive participation in OWASP to their employees and customers.

Jun 10th 2009
Hartford We are seeking a sponsor for food and beverages. Alternatively donations are appreciated.

OPENING REMARKS: 5:00 - 5:15 PM James McGovern, OWASP Hartford Chapter Leader BEST PRACTICES FOR NETWORK SECURITY: IF YOU ONLY KNEW WHAT HACKERS CAN DO! : 5:15 - 6:00 PM Kent Browne, Security Solutions Architect for IBM FOOD BREAK: 6:00 - 6:15 PM THE ANATOMY OF SECURITY DISASTERS: 6:15 - 7:00 PM Marcus Ranum CTO, Tenable Security KENT BROWNE Noted participant in the security arena for over 20 years, Kent is widely recognized as an authority on security issues with unique perspectives on such topics as "the need for policies and procedures", "honeypots on the net", "protecting your children", "hacktivism", "hackers and ethics", and many others. Featured guest on Television (BBC, RAI, ABC News, Silicon Spin, etc.), Radio and in magazines (Computer World, Business News, New York Times etc.) Kent is currently Security Solutions Architect for IBM. MARCUS RANUM Marcus J. Ranum, Chief Security Officer of Tenable Security, Inc., is a world-renowned expert on security system design and implementation. Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR. Marcus has served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences.

UPCOMING 2009 EVENTS
Hartford It's the generosity and commitment of our sponsors that enables us to provide our attendees with high-caliber speakers they've come to expect...

September 2009

FRAMEWORK-LEVEL THREAT ANALYSIS: ADDING SCIENCE TO THE ART OF SOURCE CODE REVIEW: 3:30 - 4:15 PM Rohit Sethi, Security Compass

ROHIT SETHI

Rohit Sethi, Manager of Professional Services, Security Compass, is a specialist in threat modeling, application security reviews, and building security controls into the software development life cycle (SDLC). Mr. Sethi is a frequent guest speaker and instructor at several conferences, including RSA, Shmoocon, and CSI. He has written articles for Security Focus and the Web Application Security Consortium (WASC), and has been quoted as an expert in application security for ITWorldCanada and Computer World.

At Security Compass, Rohit teaches students various topics on web application security in cities across North America. He has also managed and performed extensive threat analysis, source code reviews, and penetration testing for clients in financial services, utilities, telecommunications and healthcare.

He is often consulted for his dual expertise in information security and software engineering.

Call for Speakers
This is a call for speakers/papers. If we haven't approached you, but you believe you have a significant discovery or new research that the security community would value, or enjoy hearing about, we invite you to submit your presentation topic for serious consideration. Preference will be given to speakers who can present new and innovative technical content to a broad audience. Of course, all presentations are expected to challenge the brightest and quickest of attendees - we wouldn't have it any other way.

OWASP is not a vendor fair. Consequently, there will be very little tolerance for commercial content within presentations. Attendees will be encouraged to quell any shameless marketing that is not immediately backed up with rationale for its inclusion.

Some topics of interest for upcoming meetings include (but are not limited to):
 * Breaking CAPTCHA
 * Hacking Cardspace and Identity 2.0
 * Breaking Commercial Software for Fun and Profit
 * Tactics for breaking software licensing schemes
 * Gaming, the next overlooked security hole
 * Hacking Mainframes
 * Database rootkits

Past Events
Agenda: Tuesday, April 30th 2009 RECRUITING ELITE IT TALENT Jordan Haberfield (Agile Elephant), SVP of System One

DETECTING BACKDOORS IN WEB APPLICATIONS Chris Wysopal CTO, Veracode

Agenda: Monday, April 13th 2009 AGILE SOFTWARE DEVELOPMENT AND SECURITY: 4:00 - 6:45 PM Scott Ambler, Agile Practice Leader, IBM Powerpoint presentation is located here

Agenda: Tuesday, February 10th 2009 OPEN SOURCE IDENTITY SERVICES (The Higgins Project) Mary Ruddy, Meristic

ENABLING STRONGER/MULTI-FACTOR AUTHENTICATION FOR ENTERPRISE APPLICATIONS Ramesh Nagappan, Security Architect at Sun Microsystems

STATE OF WEB APPLICATION SECURITY Gunnar Peterson, CTO of Artec Group and Twin Cities OWASP Agenda: Wednesday, November 11th 2008 LIGHTWEIGHT SECURITY USING IDENTITY-BASED ENCRYPTION: 6:00 - 7:00 PM Richard Eisenberg, Architect at Voltage Security

Agenda: Wednesday, September 24th 2008

TOP TEN BOGUS TECH QUOTES OF THE YEAR: 6:00 - 6:45 PM Paul Roberts, Industry Analyst, The 451 Group Powerpoint presentation is located here

MAKING APPLICATIONS SECURE BY REMOVING SECURITY: 6:45 - 7:30 PM Andrew Stone, Senior Manager, Accenture Powerpoint presentation is located here

Agenda: Wednesday, June 11th 2008

CARDSPACE AND USER CENTRIC IDENTITY Chris Winn, Security Evangelist, Microsoft

IDENTITY GOVERNANCE FRAMEWORK Prateek Mishra, Product Manager, Oracle Powerpoint Presentation is here

Agenda: Wednesday, April 30th 2008

THE IDIOTS GUIDE TO DEVELOPING BAD ENTERPRISE APPLICATIONS AND WORST LOGGING PRACTICES Anton Chuvakin, Chief Logging Evangelist, LogLogic

KEEPING SECRETS: APPLICATION SECURITY IS A BUSINESS IMPERATIVE Jack Danahy, CTO and Founder, Ounce Labs

Agenda: Thursday, February 28th 2008

HOW WEB 2.0 HAS CHANGED THE LANDSCAPE OF APPLICATION SECURITY Chenxi Wang, Principal Analyst, Forrester Research

EXPLOITING ONLINE GAMES Gary McGraw, CTO, Cigital

Locations
All meetings are held at the headquarters of The Hartford Financial Services Group (The Hartford), One Hartford Plaza, Hartford CT 06115 in the Tower Building, Atrium Conference Room. Free parking is available in our Tower Ramp Garage.