Difference between revisions of "Boulder"

From OWASP
Jump to: navigation, search
(16 intermediate revisions by 2 users not shown)
Line 3: Line 3:
  
 
== Upcoming Events ==
 
== Upcoming Events ==
 +
====Thursday, February 21st at 6pm – Analysis of Drupal Security====
  
'''Thursday, June 21st at 6pm – Discussion with Laz: How bad is it out there? '''
+
'''When''': Thursday, February 21st at 6:00pm
 +
<br>'''Where''': [https://aerstone.com/ Aerstone], located at [https://maps.google.com/maps?q=1711+Pearl+St,+Boulder,+CO+80302&hl=en&ll=40.018955,-105.272412&spn=0.005801,0.016512&sll=40.019446,-105.273058&layer=c&cbp=13,345.63,,0,0.03&cbll=40.019323,-105.273016&hnear=1711+Pearl+St,+Boulder,+Colorado+80302&t=m&z=17&panoid=5v0RhKi7sjpi-Z5HcgKFFw 1711 Pearl St.] (3rd floor).
 +
<br>'''Parking''': Free through the [http://files.meetup.com/3503072/Parking.png Whittier Neighborhood Zone].
 +
<br>'''RSVP''': available through [http://www.meetup.com/OWASP-Boulder/events/102677222/ MeetUp.com]
 +
<br>'''Virtual meeting options''': see  [http://www.meetup.com/OWASP-Boulder/events/102679412/ MeetUp.com] .
  
The Boulder chapter's June meeting will be held at the [https://maps.google.com/maps?q=1711+Pearl+St,+Boulder,+CO+80302&hl=en&ll=40.018955,-105.272412&spn=0.005801,0.016512&sll=40.019446,-105.273058&layer=c&cbp=13,345.63,,0,0.03&cbll=40.019323,-105.273016&hnear=1711+Pearl+St,+Boulder,+Colorado+80302&t=m&z=17&panoid=5v0RhKi7sjpi-Z5HcgKFFw Aerstone offices] on 17th and PearlJune's discussion is "Emerging Threats - How Bad is It out There?". Laz, Director of Strategy for [http://www.silvertailsystems.com/ Silver Tail Systems], brings extensive insight this topic, diving into:
+
'''Agenda'''
 +
<br>6:00 - 6:30 Food, drink, and networking
 +
<br>6:30 - 7:15 Chapter business and group discussion
 +
<br>7:15 - 8:00 Featured presentation
 +
 +
'''Featured Presentation: Analysis of Drupal Security'''
 +
<br>An overview of how Drupal, one of the most commonly used, open source content management systems, is secured against the OWASP Top Ten, some common configuration mistakes, and emerging trends on Drupal exploits.  What attacks are targeting Drupal applications?  Personal thoughts from a developer, user and admin of Drupal sites about clear steps that can be taken to improve security with Drupal applications.
 +
 +
'''Speaker Bio'''
 +
<br>Andrew has been a developer for 7 years. He began as a PHP and C# developer, where he entered web application development by designing and creating web services. For the last 5 years he has been a web developer in Boulder.  He has always had an interest in web application, network, and cyber security and has brought those interests into his web developer role with securing web applicationsHe is often amused how passwords are still stored as plain text, untrusted HTML input is not validated, and GET parameters are not sanitized.
 +
 +
Seating is limited and is prioritized for those who RSVP. Parking is available through the Whittier Neighborhood Zone. Food and drinks will be provided and there will be a networking session preceding the meeting. As always, meetings are free to attend.
  
*Emerging Threats (Real World Case Studies of What Cyber Criminals are doing)
+
====Special Thanks====
*Where is Mobile in the Mix
+
The Boulder chapter is grateful for the continued sponsorship of Aerstone. Thank you for providing the venue, refreshments, and other resources necessary to keep the chapter running strong.
*Quantifying the Threats and Risks
+
*Reporting – What Metrics are Leadership Teams Looking for Today
+
  
Laz came to Silver Tail Systems from the Sears Online Business Unit as Head of Information Security. Previously, Laz served as an IT security consultant and IT auditor who worked with Fortune 500 companies and government agencies. Laz is the inventor of several patents for controlling personally identifiable information, Information Security, and Information Technology. His involvement with security initiatives includes contributions for standards and policies regarding compliance and Information Security methodologies, policies, and Web application security.
+
[[File:BoulderSponsorAerstone.png]]
  
Laz is a published author, has served in the United States Air Force, holds a Masters in Computer Information Security from the University of Denver and an MBA from Pepperdine University.
+
====Wednesday, Wednesday, February 20th at 6pm – CTF Project Development====
  
As we learned from our May meeting, the conversation doesn't stop with the speaker. The meetings are meant to be interactive, and we appreciate the wonderful audience contributions throughout evening. Thanks to all who participated! What a lively discussion!
+
Plan, plot, hack, hang out.
  
Seating is limited! We can only accommodate seating for those who [http://www.meetup.com/OWASP-Boulder/ RSVP]. If you have a change of plans, please update your RSVP to allow those who are on the waiting list.
+
'''When''': Wednesday, February 20th at 6:00pm
 +
<br>'''Where''': [https://aerstone.com/ Aerstone], located at [https://maps.google.com/maps?q=1711+Pearl+St,+Boulder,+CO+80302&hl=en&ll=40.018955,-105.272412&spn=0.005801,0.016512&sll=40.019446,-105.273058&layer=c&cbp=13,345.63,,0,0.03&cbll=40.019323,-105.273016&hnear=1711+Pearl+St,+Boulder,+Colorado+80302&t=m&z=17&panoid=5v0RhKi7sjpi-Z5HcgKFFw 1711 Pearl St.] (3rd floor).
 +
<br>'''Parking''': Free through the [http://files.meetup.com/3503072/Parking.png Whittier Neighborhood Zone].
 +
<br>'''RSVP''': available through [http://www.meetup.com/OWASP-Boulder/ MeetUp.com]
 +
<br>'''Virtual meeting''': available through [https://questconsultants.webex.com/ WebEx].
 +
<br>(Please call me if the door is locked or WebEx is down.)
  
Parking is available through the Whittier Neighborhood Zone for up to three hours daily. As always, food and drinks are free and there will be an open networking session after the meeting.
+
The standing agenda includes status updates on:
 +
* Participant VM
 +
* Scoreboard
 +
* Challenge management
 +
* Challenge development
 +
* Challenge-framework integration
 +
* General project administration
 +
* Roadblocks
 +
 
 +
Any time left over will be used for collaboration and coding.
  
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
 
[[Category:Colorado]]
 
[[Category:Colorado]]

Revision as of 23:41, 19 February 2013

Contents

OWASP Boulder

Welcome to the Boulder chapter homepage. The chapter leader is Mark Major.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Upcoming Events

Thursday, February 21st at 6pm – Analysis of Drupal Security

When: Thursday, February 21st at 6:00pm
Where: Aerstone, located at 1711 Pearl St. (3rd floor).
Parking: Free through the Whittier Neighborhood Zone.
RSVP: available through MeetUp.com
Virtual meeting options: see MeetUp.com .

Agenda
6:00 - 6:30 Food, drink, and networking
6:30 - 7:15 Chapter business and group discussion
7:15 - 8:00 Featured presentation

Featured Presentation: Analysis of Drupal Security
An overview of how Drupal, one of the most commonly used, open source content management systems, is secured against the OWASP Top Ten, some common configuration mistakes, and emerging trends on Drupal exploits. What attacks are targeting Drupal applications? Personal thoughts from a developer, user and admin of Drupal sites about clear steps that can be taken to improve security with Drupal applications.

Speaker Bio
Andrew has been a developer for 7 years. He began as a PHP and C# developer, where he entered web application development by designing and creating web services. For the last 5 years he has been a web developer in Boulder. He has always had an interest in web application, network, and cyber security and has brought those interests into his web developer role with securing web applications. He is often amused how passwords are still stored as plain text, untrusted HTML input is not validated, and GET parameters are not sanitized.

Seating is limited and is prioritized for those who RSVP. Parking is available through the Whittier Neighborhood Zone. Food and drinks will be provided and there will be a networking session preceding the meeting. As always, meetings are free to attend.

Special Thanks

The Boulder chapter is grateful for the continued sponsorship of Aerstone. Thank you for providing the venue, refreshments, and other resources necessary to keep the chapter running strong.

BoulderSponsorAerstone.png

Wednesday, Wednesday, February 20th at 6pm – CTF Project Development

Plan, plot, hack, hang out.

When: Wednesday, February 20th at 6:00pm
Where: Aerstone, located at 1711 Pearl St. (3rd floor).
Parking: Free through the Whittier Neighborhood Zone.
RSVP: available through MeetUp.com
Virtual meeting: available through WebEx.
(Please call me if the door is locked or WebEx is down.)

The standing agenda includes status updates on:

  • Participant VM
  • Scoreboard
  • Challenge management
  • Challenge development
  • Challenge-framework integration
  • General project administration
  • Roadblocks

Any time left over will be used for collaboration and coding.