Kansas City

Upcoming Meetings
I am pleased to announce that the details for our next OWASP Kansas City chapter meeting have been finalized. We will get together on Wednesday, November 7th starting at 6:00 PM and finishing around 7:30 PM. Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers. Here is the presentation planned for this meeting:

Speaker: Tom Stripling, CISSP on The Dangers of Third-Party Content

It is now commonplace for web applications to include content from other sites, partners, and advertisers. If this content isn’t handled correctly, applications are left vulnerable to attack. By examining a variety of attacks that can be executed through third-party content, we can better evaluate application risk and design countermeasures.

Session Learning Objectives
 * Determine the threat posed by third-party content, given trends in Internet content and specific risks associated with each form of third-party content inclusion
 * Demonstrate attacks against a live web application that exploit flawed security assumptions in the inclusion of third-party content
 * Analyze the effectiveness of various application security countermeasures to combat the threat
 * Enable developers and penetration testers to better identify and prevent the risks associated with the use of third-party content in web applications

Tom Stripling is a senior application security consultant with an extensive background in web application development, penetration testing, and risk assessment. In his role at Security PS, he helps clients uncover application vulnerabilities and secure the software development process. In his spare time, Tom is an avid researcher of application security attacks, vulnerabilities, and best practices.


 * We have time for another person to give a brief 15-45 minute presentation on web application security. This can be a technical demonstration, conference review, or open discussion about a web application security topic.  Please let me know if you'd like to grab this spot.

Date: November 7, 2007 – 6:00 PM – 7:30 PM

Location:

Centriq Training

8700 State Line Road

Suite 200

Leawood, KS 66206

(913) 322-7000

http://www.centriq.com/contactus.htm

Thanks to Centriq Training for volunteering to host another one of our chapter meeting. Attendance of OWASP meetings is free and anyone interested in web application security is welcome to attend. Pass on this meeting announcement to anyone else that would benefit from joining us.

Please note:
 * Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security
 * No registration is required, although RSVPs to the chapter leader are appreciated
 * Professionals with CISSPs, or other certifications, can earn CPE credits by attending

We meet at least once a quarter to discuss application security. If you have an interesting topic you'd like to present or discuss at future meetings, please send an email to bmarshall[at]securityps com. Or, get a discussion going by posting a message to our mailing list.

Past Meetings
Thanks to the speakers for sharing with us at our past chapter meetings. Any presentation handouts or associated documents are shared through the following meeting summaries:


 * September 2007 Meeting
 * June 2007 meeting
 * March 2007 meeting
 * December 2006 meeting