Difference between revisions of "Chicago Suburbs"

From OWASP
Jump to: navigation, search
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Chicago Suburbs|extra=The chapter leaders are [mailto:sam.curcio@owasp.org Sam Curcio] and [mailto:phillip.vandeman@owasp.org Phillip VanDeman].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-chicago-suburbs|emailarchives=http://lists.owasp.org/pipermail/owasp-chicago-suburbs}}
+
{{Chapter Template|chaptername=Chicago Suburbs|extra=The chapter leaders are [mailto:sam.curcio@owasp.org Sam Curcio], [mailto:phillip.vandeman@owasp.org Phillip VanDeman] and [mailto:jay.schulman@owasp.org Jay Schulman].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-chicago-suburbs|emailarchives=http://lists.owasp.org/pipermail/owasp-chicago-suburbs}}
  
'''Announcing the inaugural OWASP Chicago Suburbs chapter meeting!'''
+
 
 +
== Next Meeting ==
 +
 
 +
'''December 2013 Meeting:'''
  
 
'''What:''' An unbiased, practical, cost-effective gathering to discuss application security.
 
'''What:''' An unbiased, practical, cost-effective gathering to discuss application security.
  
'''When:'''  Thursday, October 10 @ 6pm CDT
+
'''When:'''  Wednesday, December 4th @ 6pm CST
  
'''Where:''' Zurich Insurance, South Tower, 1400 American Lane, Schaumburg, IL
+
'''Where:''' Crowe Horwath, One Mid America Plaza, Suite 700, Oak Brook Terrace, IL
  
'''Cost:''' Free
+
'''Cost:''' Absolutely Nothing!
  
 
'''Agenda:'''
 
'''Agenda:'''
6 - Pizza and soft drinks
 
630 -  9 Presentations
 
  
'''Please register in advance so building security can let you in with your ID:''' http://owaspchicagosuburbs1.eventbrite.com/
+
6:00p: Food and soft drinks
  
We are seeking presenters!  To date we have one presentation planned (see below).  If you have interest in presenting  or joining a panel on application security initiatives, please  email [mailto:sam.curcio@owasp.org Sam Curcio] and be prepared to submit an abstract and bio.
+
6:30pm -  9pm: Presentations
  
[https://lists.owasp.org/mailman/listinfo/owasp-chicago-suburbs '''Click Here''''''to join the local chapter mailing list.'''
+
We are seeking additional presenters!  If you have interest in presenting or joining a panel on application security initiatives, please email [mailto:jay.schulman@owasp.org jay.schulman@owasp.org] and be prepared to submit an abstract and bio.
 +
 +
'''Please register in advance so building security can let you in with your ID: [https://owaspchicagosuburbs.eventbrite.com https://owaspchicagosuburbs.eventbrite.com]'''
 +
 +
'''Abstract & Bio:'''
 +
 
 +
Pen testing being the sexy part of Infosec, the first thing most companies want to do when starting an application security program is to scan everything.  Unfortunately, learning from experience, this rarely leads to good results.  Using my experience in building an application security program and the best practices used by other companies, I’ll show you how to start an effective application security program in your organization. This will include laying the groundwork to ensure proper coverage, using your resources effectively and ensuring proper follow through on remediation activities.
 +
 +
Chris Pfoutz has 10 years of experience in a broad breadth of information security fields, including access controls, risk assessments and spending the last three years focused in his passion, software security.  He’s been employed or consulted for some of the largest financial services companies in the world and is currently working internally on the Global Application Security team for Deloitte, Touche, Tomatsu Ltd.  Chris is certified as a CISSP and GIAC Certified Web Application Pen Tester by the SANS Institute.
 +
 
 +
== Previous Meetings ==
 +
 
 +
'''October 2013 Inaugural Meeting:'''
 +
 
 +
'''What:''' An unbiased, practical, cost-effective gathering to discuss application security.
 +
 
 +
'''When:'''  Thursday, October 10 @ 6pm CDT
 +
 
 +
'''Where:''' Zurich Insurance, South Tower, 1400 American Lane, Schaumburg, IL
  
'''Repsheet:''' A Behavior Based Approach to Web Application SecuritY
+
'''Repsheet:''' A Behavior Based Approach to Web Application Security
  
 
Traditional static approaches to web application security are failing us. The interaction before, during, and after authentication is largely ignored. We don't ask the right questions of actors attempting to access our web applications. How sure are you that the act or accessing your site is who they say they are?  How sure are you that you want them accessing your site at all?  Join Aaron as he walks you through asking the questions you should be asking of your users, and how to help prevent abuse, fraud,and otherwise unwanted activity on your web applications. You will learn how to ask the right questions without disrupting user experience.
 
Traditional static approaches to web application security are failing us. The interaction before, during, and after authentication is largely ignored. We don't ask the right questions of actors attempting to access our web applications. How sure are you that the act or accessing your site is who they say they are?  How sure are you that you want them accessing your site at all?  Join Aaron as he walks you through asking the questions you should be asking of your users, and how to help prevent abuse, fraud,and otherwise unwanted activity on your web applications. You will learn how to ask the right questions without disrupting user experience.

Revision as of 17:15, 14 November 2013

Contents

OWASP Chicago Suburbs

Welcome to the Chicago Suburbs chapter homepage. The chapter leaders are Sam Curcio, Phillip VanDeman and Jay Schulman.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Next Meeting

December 2013 Meeting:

What: An unbiased, practical, cost-effective gathering to discuss application security.

When:  Wednesday, December 4th @ 6pm CST

Where: Crowe Horwath, One Mid America Plaza, Suite 700, Oak Brook Terrace, IL

Cost: Absolutely Nothing!

Agenda:

6:00p: Food and soft drinks

6:30pm - 9pm: Presentations

We are seeking additional presenters! If you have interest in presenting or joining a panel on application security initiatives, please email jay.schulman@owasp.org and be prepared to submit an abstract and bio.

Please register in advance so building security can let you in with your ID: https://owaspchicagosuburbs.eventbrite.com

Abstract & Bio:

Pen testing being the sexy part of Infosec, the first thing most companies want to do when starting an application security program is to scan everything. Unfortunately, learning from experience, this rarely leads to good results. Using my experience in building an application security program and the best practices used by other companies, I’ll show you how to start an effective application security program in your organization. This will include laying the groundwork to ensure proper coverage, using your resources effectively and ensuring proper follow through on remediation activities.

Chris Pfoutz has 10 years of experience in a broad breadth of information security fields, including access controls, risk assessments and spending the last three years focused in his passion, software security. He’s been employed or consulted for some of the largest financial services companies in the world and is currently working internally on the Global Application Security team for Deloitte, Touche, Tomatsu Ltd. Chris is certified as a CISSP and GIAC Certified Web Application Pen Tester by the SANS Institute.

Previous Meetings

October 2013 Inaugural Meeting:

What: An unbiased, practical, cost-effective gathering to discuss application security.

When:  Thursday, October 10 @ 6pm CDT

Where: Zurich Insurance, South Tower, 1400 American Lane, Schaumburg, IL

Repsheet: A Behavior Based Approach to Web Application Security

Traditional static approaches to web application security are failing us. The interaction before, during, and after authentication is largely ignored. We don't ask the right questions of actors attempting to access our web applications. How sure are you that the act or accessing your site is who they say they are?  How sure are you that you want them accessing your site at all?  Join Aaron as he walks you through asking the questions you should be asking of your users, and how to help prevent abuse, fraud,and otherwise unwanted activity on your web applications. You will learn how to ask the right questions without disrupting user experience.

Aaron Bedra is the Application Security Lead at Braintree Payments. He is the co-author of Programming Clojure, 2nd Edition as well as a frequent contributor to the Clojure language. Aaron is the creator of Repsheet, a reputation based intelligence and security tool for web applications.