Denver

Next Meeting
The next meeting will be on April 19 at 7:30PM in EchoStar's corporate headquarters. From I-25:
 * Turn east on Lincoln Ave. and drive almost ½ mile
 * Turn left (north) on Havana St
 * Take the first right (east) onto S. Meridian Blvd
 * Follow Meridian for about 1 mile as it curves to the North
 * Turn left (west) at the stoplight into EchoStar’s campus. There will be a large metallic sign.

There will be two presentations. Kartik Trivedi, Director of Application Assessment at Accuvant and also the Southern California OWASP leader will be presenting on Web 2.0 (AJAX, etc).

On the less technical side, Doug Staubach from EchoStar will be presenting on the Payment Card Industry Data Security Standard (PCI DSS). PCI applies to all companies that handle credit card numbers. For large companies, the PCI standard specifically references OWASP’s as a preferred methodology to secure web-applications.

Food & drink are being provided by BT INS.

Future Meetings
Below is a list of potential topics for future meetings. If you are interested in presenting, or at least contributing to the content of a presentation on any topic, please send [mailto:davidribyrne@yahoo.com David Byrne] an e-mail. Feel free to submit ideas for other topics as well.


 * Common security mistakes and best practices for
 * AJAX
 * .Net
 * J2EE
 * Performing security-oriented code reviews
 * HTTP message spliting attacksCommon mistakes and best practices for
 * Authentication: single-sign-on, identity managment, LDAP injection attacks, etc
 * Sarbanes Oxley (SOX) compliance, relating to web apps
 * Return on Security Investment (ROSI) calculations

Past Meetings
February 2007

January 2007

November 2006