Difference between revisions of "Bay Area"

From OWASP
Jump to: navigation, search
(Sept 2013)
(27 intermediate revisions by 7 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Bay Area|extra=|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bayarea|emailarchives=http://lists.owasp.org/pipermail/owasp-bayarea}}  
 
{{Chapter Template|chaptername=Bay Area|extra=|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bayarea|emailarchives=http://lists.owasp.org/pipermail/owasp-bayarea}}  
  
==== Chapter Meetings  ====
+
== Geographic Area of Bay Area Chapter ==
  
== Date and Location ==
+
The 'Bay Area' is actually the San Francisco Bay Area in California, which is near other large towns that are across the bay from San Francisco such as Berkeley and Oakland, and south of San Francisco are San Mateo, Palo Alto, and the whole San Jose area. Currently, the Bay Area OWASP Chapter covers this whole geographic region.
  
=== Next Event  ===
+
== Social Hour(s) ==
  
November 30, 2011
+
=== Sept 2013 ===
  
Stanford Campus, Alumni Center, Lane/Ladato rooms<br>
+
OWASP Social Hour in Mountain View
Directions: http://www.stanfordalumni.org/aboutsaa/alumni_center/directions.html<br>
+
Hosted by [http://www.shapesecurity.com/ Shape Security]
Parking will be available on Galvez field right next to the center.<br>
+
'''Agenda'''
+
  
5:30pm - Welcome
+
'''RSVP'''
 +
https://owasp-bayarea.eventbrite.com/ <br>
 +
''Please RSVP so we can gauge attendance''
  
5:40pm - Jason Chan, Practical Cloud Security [[Media:JasonChan-PracticalCloudSecurity.pdf | Slides]]
+
'''When:'''
 +
* Wednesday 9/25/13
 +
* 5:30-7:30p Shape Security, 800 W El Camino Real, Mountain View, CA
 +
* 7:30-8:30p Cascal, 400 Castro St, Mountain View, CA
 +
 +
'''Where:'''
 +
* Shape Security Office & later Cascal restaurant
 +
* Meet at 800 W El Camino Real, Mountain View, CA
 +
 +
The purpose of the OWASP social gathering is:
  
6:15pm - Luca Carettoni, From CVE-2010-0738 to the recent JBoss worm [http://www.matasano.com/research/OWASP3011_Luca.pdf Slides]
+
* Informal security chat - the benefits of "hallway con" and security talk with others in the industry
 +
* Networking - meet other people in the field and industry
 +
* After work drinks - a nice break after a long work day
  
6:50pm - David Fifield, Evading censorship with browser-based proxies [[Media:Davidfifield-FlashProxy.pdf|Slides]]
+
 +
Note: These events won't have any formal presentations. They're meant to be social gatherings to meet others in the industry and chat about security. Check our quarterly OWASP Bay Area schedule for the security presentation events.
 +
https://www.owasp.org/index.php/Bay_Area
 +
  
7:25pm - Abraham Kang, DOM-based XSS and output encoding [[Media:AbrahamKang-DOMBasedXSS.pptx|Slides]]
+
Is your organization interested in hosting an OWASP social hour in the bay area (San Francisco, South Bay, East Bay)? Contact michael.coates@owasp.org
  
'''You must RSVP''' at http://owaspbayareanov2011.eventbrite.com/ prior to attending, we need to know how many people are coming to make sure we have the correct room sizing.
+
== Chapter Meetings ==
  
----
 
  
'''Jason Chan - Practical Cloud Security''' Over the past several years, there has been much hand wringing and teeth gnashing related to public cloud security. Because of this, many organizations have limited or delayed their cloud usage. Faced with business and market imperatives that demanded scale and elasticity that traditional data center architectures could not provide, Netflix jumped head first into the public cloud two years ago. As we continue to mature our environment, we’ve also begun leveraging the benefits of the public cloud to enhance our security posture and capabilities. This presentation will be a practical examination of Netflix’s approach to cloud security. Topics covered include: • Using public cloud automation and APIs to enhance security visibility • Netflix’s “Security Monkey” tool for cloud security monitoring and alerting • Inter-host reachability and connectivity analysis for firewall policy evaluation and optimization • Netflix’s model-driven architecture for securing and managingsystems and applications • Call to action: Cloud Security Gap Analysis and Next Steps
+
=== July 2013 ===
 +
'''When''': Thursday, July 11, 2013 from 5:30 PM to 8:30 PM (PST)
  
'''Luca Carettoni - From CVE-2010-0738 to the recent JBoss worm''' Being a widely deployed enterprise application server, JBoss has always been a juicy target for attackers. Security vulnerabilities and misconfigurations in critical components, such as the infamous JMX-console, can be exploited in order to execute arbitrary code and harm the confidentiality, integrity and availability of the entire system. Our quick journey through JBoss insecurity will start from the analysis of a critical authentication bypass flaw to the recent JBoss worm which affected numerous installations worldwide. This presentation will also cover practical aspects on how to detect misconfigurations and secure your application server.  
+
'''Location''': Room 150, University Hall, UC Berkeley.
  
'''David Fifield - Evading censorship with browser-based proxies''' Proxy systems like Tor and VPNs can be used to get around Internet censorship and access blocked resources, but what happens when the circumvention system itself is blocked? A flash proxy is a miniature proxy that runs in a web browser, that can be activated just by viewing a web page. Web site visitors provide a large and constantly changing pool of proxy addresses that are difficult to block. Even though each proxy may last only seconds or minutes, it is possible to switch between them in a way that makes web browsing more or less seamless. We will share details of our flash proxy implementation and explain how to add a proxy to your web page.  
+
The room is to the immediate left after entering the building from
 +
Addison street at ground level (not basement level).
  
'''Abraham Kang - DOM-based XSS and output encoding''' An interactive presentation that intends to turn all of the listeners of the presentation into XSS experts and help them understand how to mitigate XSS properly using output encoding.
+
For driving/public-transit directions, look up:
 +
2199 Addison St., Berkeley, CA, 94720
  
=== Previous Event ===
 
  
'''WHAT''': OWASP Silicon Valley Chapter Meeting
 
  
'''WHEN''': Thursday, August 25th, 2011 - From 6 PM to 8.30 PM
+
'''No RSVP Required'''
  
'''WHERE''': Mozilla Foundation Offices - 650 Castro Street, Unit 300, Mountain View , CA 94041
+
Details:
  
(right next to Starbucks)
+
5:30 - 5:45 Social gathering
  
REGISTER EARLY AS SEATING IS LIMITED
+
5:45 - 6:00 Welcome (Cory Scott) / OWASP Update (Sarah Baso)
  
Please RSVP by registering at http://www.regonline.com/owaspsiliconvalleychaptermeeting
+
6:00 - 6:15 An Empirical Study of Vulnerability Rewards Programs, Devdatta Akhawe
  
Agenda:
+
6:15 - 7:15 "Putting Your Robots to Work", Twitter Security Team
* 6:00 PM - 6:30 PM .............Check-in, registration, networking
+
* 6:30 PM – 6:35 PM ........... Welcome Remarks/Agenda - Mandeep Khera
+
* 6:35 PM - 7:45 PM ............ Enabling Browser Security in Web Applications- Michael Coates, Mozilla
+
* 7:45 PM – 8:30 PM…......... Blackhat spam SEO - Julien Sobrier, Zscaler
+
  
'''SPONSORS''': Special Thanks to our host and sponsor - Mozilla Foundation.
 
  
  
==== Donate Funds to Bay Area Chapter  ====
+
Getting There:
  
<paypal>Bay Area</paypal>
+
BART:
 +
The "Downtown Berkeley" BART station is two blocks away.
  
= Bay Area Past Events  =
+
Parking:
 +
It's Summer, and metered street parking is available nearby.
  
[[Bay Area Past Events]]
+
Paid off-street parking is also available.  One street south on Center street, the Bank of America lot is cheap but small, and there is a large
 +
lot on Alston street between Shattuck and Milvia.
  
==== Bay Area OWASP Chapter Leaders  ====
+
== Bay Area Past Events ==
  
*[mailto:teresa-ann-stevens@comcast.net Teresa Stevens]  
+
[[Bay Area Past Events]]
*[mailto:mandeep@cenzic.com Mandeep Khera]  
+
 
 +
== Bay Area Chapter Leaders ==
 +
 
 +
*[mailto:teresa.ann.stevens2009@gmail.com Teresa Stevens]  
 
*[mailto:cory@crazypenguin.com Cory Scott]
 
*[mailto:cory@crazypenguin.com Cory Scott]
  
__NOTOC__ <headertabs />
 
  
 
[[Category:California]]
 
[[Category:California]]
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]

Revision as of 16:37, 14 September 2013

Contents

OWASP Bay Area

Welcome to the Bay Area chapter homepage.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Geographic Area of Bay Area Chapter

The 'Bay Area' is actually the San Francisco Bay Area in California, which is near other large towns that are across the bay from San Francisco such as Berkeley and Oakland, and south of San Francisco are San Mateo, Palo Alto, and the whole San Jose area. Currently, the Bay Area OWASP Chapter covers this whole geographic region.

Social Hour(s)

Sept 2013

OWASP Social Hour in Mountain View Hosted by Shape Security

RSVP https://owasp-bayarea.eventbrite.com/
Please RSVP so we can gauge attendance

When:

  • Wednesday 9/25/13
  • 5:30-7:30p Shape Security, 800 W El Camino Real, Mountain View, CA
  • 7:30-8:30p Cascal, 400 Castro St, Mountain View, CA

Where:

  • Shape Security Office & later Cascal restaurant
  • Meet at 800 W El Camino Real, Mountain View, CA

The purpose of the OWASP social gathering is:

  • Informal security chat - the benefits of "hallway con" and security talk with others in the industry
  • Networking - meet other people in the field and industry
  • After work drinks - a nice break after a long work day


Note: These events won't have any formal presentations. They're meant to be social gatherings to meet others in the industry and chat about security. Check our quarterly OWASP Bay Area schedule for the security presentation events. https://www.owasp.org/index.php/Bay_Area


Is your organization interested in hosting an OWASP social hour in the bay area (San Francisco, South Bay, East Bay)? Contact michael.coates@owasp.org

Chapter Meetings

July 2013

When: Thursday, July 11, 2013 from 5:30 PM to 8:30 PM (PST)

Location: Room 150, University Hall, UC Berkeley.

The room is to the immediate left after entering the building from Addison street at ground level (not basement level).

For driving/public-transit directions, look up: 2199 Addison St., Berkeley, CA, 94720


No RSVP Required

Details:

5:30 - 5:45 Social gathering

5:45 - 6:00 Welcome (Cory Scott) / OWASP Update (Sarah Baso)

6:00 - 6:15 An Empirical Study of Vulnerability Rewards Programs, Devdatta Akhawe

6:15 - 7:15 "Putting Your Robots to Work", Twitter Security Team


Getting There:

BART: The "Downtown Berkeley" BART station is two blocks away.

Parking: It's Summer, and metered street parking is available nearby.

Paid off-street parking is also available. One street south on Center street, the Bank of America lot is cheap but small, and there is a large lot on Alston street between Shattuck and Milvia.

Bay Area Past Events

Bay Area Past Events

Bay Area Chapter Leaders