SanDiego

Local News

Sushi &amp; Sake- OWASP San Diego to Host Free Web Hacker Dojo

The Open Web Application Security Project (OWASP) Chapter in San Diego will be holding a FREE meeting to discuss the latest developments in the OWASP organization, and leading-edge web assessment technologies. Demonstrations will be provided on various web attack techniques and the best practices for defending against them, including web application firewalls. Bring your laptop to participate in the Web Hacker Dojo where everyone will have the opportunity to launch attacks against live lab web servers to see how they compare against today’s countermeasures. Sushi and Sake refreshments will be provided as you network with some of the best security auditors, researchers, and developers in the San Diego area. We look forward to seeing you there!

Date:    January 27th, 2010 Time:    6:00pm - 7:30pm Location: Websense Corporate Office 10240 Sorrento Valley Rd                 San Diego, California  92121

Contact: rsvp@owasp-sd.org 858-754-9701

 Meeting Notes From October 22, 2009  Ideas -There are big python and ruby user groups in SD (Gabriel Lawrence is a good conduit) -Many other user groups use meetup.com to publish meetings -Create multisession curriculum (review tools and deep dive on different subject) -Loosely couple presentations so new attendees can easily join in -Discussed idea of charging small fee to attend meetings (decided not to entertain this until meeting matures) -Possibly segregate training sessions from regular sessions and provide a some theme to the training sessions -Vendors to possibly bring in (Rapid7 HDMoore, Breach, Modsecurity, McAfee, DBNetworks) -Possibly provide CPE credits for attending OWASP events

Future Meeting Topics -Remediation vs. Mitigation -Mitigation techniques when the code can’t be fixed -Demo ESAPI in PHP and/or ASP.net -How to run security testing when evaluating a new software product -CFO level meeting regarding cost justification for security tools and risk assessment -Web enumeration and data mining -Vulnerability classification and remedation techniques

OWASP San Diego Board Formation

[mailto:jeromie@owasp-sd.org Jeromie Jackson] - President [mailto:jeff@owasp-sd.org Jeff Sutton] - Vice President [mailto:matt@owasp-sd.org Matt Harrigan] - Director of Research [mailto:steve@owasp-sd.org Steve Groom] - Director of Marketing [mailto:andy@owasp-sd.org Andy Stovall] - Technical Director [mailto:tom@owasp-sd.org Tom Spencer] - Program Director