Difference between revisions of "Boulder"

From OWASP
Jump to: navigation, search
m
(20 intermediate revisions by 2 users not shown)
Line 2: Line 2:
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-boulder|emailarchives=http://lists.owasp.org/pipermail/owasp-boulder}}
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-boulder|emailarchives=http://lists.owasp.org/pipermail/owasp-boulder}}
  
== Upcoming Events ==
+
====Special Thanks====
 +
The Boulder chapter is grateful for the continued sponsorship of Aerstone. Thank you for providing the venue, refreshments, and other resources necessary to keep the chapter running strong.
  
'''Thursday, November 15th at 6pm – Identity Management with Ram'''
+
[[File:BoulderSponsorAerstone.png]]
  
November's topic is "Identity and Access Management for OWASP" by Ram.  There are various aspects to security -- and this talk will explain the Identity and Access Management part of the security spectrum. Web applications typically need authenticated access and they have various roles that need to be authorized depending on business needs.
 
  
In addition to our presentation, we welcome everyone's participation in the open topic discussion.  While entirely impromptu, October's discussion on PEN testing was detailed and informative, demonstrating the value of collaborating with peers.  Security professionals: Remember to invite a developer!
+
== Upcoming Events ==
 +
 
 +
====Thursday, September 19th at 6pm – Bill Jackson: Secure Coding Mechanics====
  
Presenter Bio: Ram graduated from Perry Mason thrillers to reading about Pascal, C, C++ and OOP by the time he was 16. Corporate life started him off on IBM mainframes. That did not last long before he got back into Java and C++. The 9/11 incident threw him into Security and he got to dabble a fair bit in the Identity and Access Management space. He is very fortunate to have been able to add to his geek credentials by gaining soft skills (very important skill for security folks) in dealing with "situations" on numerous occasions in a customer facing role. He also loves the outdoor pursuits of Colorado.
 
October's topic is "Quantity vs Quality: Choosing Wisely" (or possibly "DevOps") featuring Rafał Łoś, aka Wh1t3Rabbit, Security Strategist at HP.
 
  
Many thanks to [http://www.aerstone.com/ Aerstone] for hosting and refreshments.
+
'''About the speaker'''<br>
 +
'''Bill Jackson''' has been a software engineer with Raytheon for 15 years. He has worked as the secure coding lead for the GPS program (yeah, that GPS), and has helped define and implement secure coding processes and practices for several other programs. His experience extends to Java EE, Agile software development, concurrency, and user interface design.  Bill has MS in computer science from the University of Colorado at Denver and a BS from Colorado State University and holds a CISSP and CompTIA Security+ certification.
  
Seating is limited and is prioritized for those who [http://www.meetup.com/OWASP-Boulder/ RSVP].  If you have a change of plans, please update your RSVP status to allow space for those on the waiting list.
+
{| style="width:100%;" border="0" align="left" cellpadding="5"
 +
|-
 +
| style="width:6em;" | '''When'''
 +
|                    | Thursday, September 19th
 +
|-
 +
| style="width:6em;vertical-align:text-top;" | '''Agenda'''
 +
|                    | 6:00 - 6:30: Food, drink, and networking<br>6:30 - 7:00: Chapter business and group discussion<br>7:00 - 8:00: '''Secure Coding Mechanics:''' Bill will bring his experience as a software engineer and secure coding lead to discuss common vulnerabilities in both development and architecture including:
 +
*Integer overflow/underflow
 +
*Filename/path validation
 +
*Excessive logging
 +
*Debug modes/maintenance hooks/configuration by convention
 +
*Insecure password handling (back-end handling)
 +
*Insecure start-up and shut-down
 +
|-
 +
|                    | '''Location'''
 +
|                    | [https://aerstone.com/ Aerstone], located at [https://maps.google.com/maps?q=1711+Pearl+St,+Boulder,+CO+80302&hl=en&ll=40.018955,-105.272412&spn=0.005801,0.016512&sll=40.019446,-105.273058&layer=c&cbp=13,345.63,,0,0.03&cbll=40.019323,-105.273016&hnear=1711+Pearl+St,+Boulder,+Colorado+80302&t=m&z=17&panoid=5v0RhKi7sjpi-Z5HcgKFFw 1711 Pearl St.] (3rd floor).
 +
|-
 +
|                    | '''Parking'''
 +
|                    | Free parking one block north of Aerstone through the [http://files.meetup.com/3503072/Parking.png Whittier Neighborhood Zone].
 +
|-
 +
|                    | '''RSVP'''
 +
|                    | Available through [http://www.meetup.com/OWASP-Boulder/events/135038952/ MeetUp.com].
 +
  |}
  
The meeting will be held at the [https://maps.google.com/maps?q=1711+Pearl+St,+Boulder,+CO+80302&hl=en&ll=40.018955,-105.272412&spn=0.005801,0.016512&sll=40.019446,-105.273058&layer=c&cbp=13,345.63,,0,0.03&cbll=40.019323,-105.273016&hnear=1711+Pearl+St,+Boulder,+Colorado+80302&t=m&z=17&panoid=5v0RhKi7sjpi-Z5HcgKFFw Aerstone offices] on 17th and Pearl. Parking is available through the [http://files.meetup.com/3503072/Parking.png Whittier Neighborhood Zone] for up to three hours daily. As always, food and drinks are free and there will be an open networking session after the meeting.
+
<br><br>
 +
  
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
 
[[Category:Colorado]]
 
[[Category:Colorado]]

Revision as of 22:24, 4 September 2013

Contents

OWASP Boulder

Welcome to the Boulder chapter homepage. The chapter leader is Mark Major.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Special Thanks

The Boulder chapter is grateful for the continued sponsorship of Aerstone. Thank you for providing the venue, refreshments, and other resources necessary to keep the chapter running strong.

BoulderSponsorAerstone.png


Upcoming Events

Thursday, September 19th at 6pm – Bill Jackson: Secure Coding Mechanics

About the speaker
Bill Jackson has been a software engineer with Raytheon for 15 years. He has worked as the secure coding lead for the GPS program (yeah, that GPS), and has helped define and implement secure coding processes and practices for several other programs. His experience extends to Java EE, Agile software development, concurrency, and user interface design. Bill has MS in computer science from the University of Colorado at Denver and a BS from Colorado State University and holds a CISSP and CompTIA Security+ certification.

When Thursday, September 19th
Agenda 6:00 - 6:30: Food, drink, and networking
6:30 - 7:00: Chapter business and group discussion
7:00 - 8:00: Secure Coding Mechanics: Bill will bring his experience as a software engineer and secure coding lead to discuss common vulnerabilities in both development and architecture including:
  • Integer overflow/underflow
  • Filename/path validation
  • Excessive logging
  • Debug modes/maintenance hooks/configuration by convention
  • Insecure password handling (back-end handling)
  • Insecure start-up and shut-down
Location Aerstone, located at 1711 Pearl St. (3rd floor).
Parking Free parking one block north of Aerstone through the Whittier Neighborhood Zone.
RSVP Available through MeetUp.com.