Difference between revisions of "Dallas"

From OWASP
Jump to: navigation, search
m
 
(60 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Dallas|extra=The chapter leaders are
 
{{Chapter Template|chaptername=Dallas|extra=The chapter leaders are
 
Chapter Lead- [mailto:mparsons@parsonsisconsulting. Matt Parsons]
 
 
Hospitality/Facilities Lead- [mailto:rikjones@dcccd.edu Rik Jones]
 
 
Membership Lead- [mailto:norm.smith75022@gmail.com Norm Smith]
 
  
Speakers Lead- [mailto:pperfetti@impactsecurityllc.com Peter Perfetti]
+
Chapter Lead- [mailto:dsheridan@cigital.com Denis Sheridan]
  
Technology Lead- [mailto:mynoralva@gmail.com Mynor Alvarado]
+
Board Member- [mailto:mparsons@parsonsisconsulting.com Matt Parsons]
 
 
Web Lead- [mailto:jeromme.lawler@astechconsulting.com Jeromme Lawler]
 
 
 
Board Member- [mailto:tshelton@hawkdefense.com Tim Shelton]
 
  
 +
Board Member- [mailto:jeromme.lawler@guggenheimpartners.com Jeromme Lawler]
 
<br>
 
<br>
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dallas|emailarchives=http://lists.owasp.org/pipermail/owasp-dallas}}  
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dallas|emailarchives=http://lists.owasp.org/pipermail/owasp-dallas}}  
  
'''THANKS TO OUR SPONSORS:'''
 
'''The Dallas Chapter of OWASP would like to thank Richland College for hosting our meetings.'''
 
  
 
== Get Connected and Stay Connected  ==
 
== Get Connected and Stay Connected  ==
Line 33: Line 22:
 
| [[Image:Join-us-on-Facebook.jpg|175px|link=http://on.fb.me/fHr5XY]]  
 
| [[Image:Join-us-on-Facebook.jpg|175px|link=http://on.fb.me/fHr5XY]]  
 
| [[Image:Linkedin-button.gif|135px|link=http://linkd.in/g3WxGG]]
 
| [[Image:Linkedin-button.gif|135px|link=http://linkd.in/g3WxGG]]
 +
| [[Image:meetup-button.png|108px|link=https://www.meetup.com/Dallas-The-Open-Web-Application-Security-Project-Meetup/]]
 
|}
 
|}
 +
 +
=== Announcements  ===
 +
 +
== July Meeting ==
 +
 +
 +
'''When:''' Wednesday, July 19, 2017 - 6:00 PM
 +
 +
 +
'''Topic: ''' IoT Security Landscape: Survey & Analysis
 +
 +
 +
Technology allows society to accelerate exponentially. People are connecting Things to the Internet but the benefits aren’t realized without tradeoffs. Companies are embracing IoT to enhance their business plans. Due to many difficult challenges, some IoT Security Alliances have begun to form. At the federal government level, FTC, FCC, DHS and NIST have become involved. Finally, security companies are now proposing IoT security architectures to complement Enterprise solutions. We will review and discuss all these topics.
 +
 +
 +
'''Who:''' Mark Szewczul, CISSP, is an IoT Security Architect at Zimperium with over 20 years of experience from Semiconductor, Telecom/Datacom, and Computing sectors.
  
  
 +
He currently is Director of Marketing at the Dallas/Fort Worth Cisco Users Group, has led the IEEE-Electromagnetic Compatibility Society and co-founded the IEEE-Consumer Electronics Society, both in Dallas. Along the journey, he has mastered design, testing, integration and deployment of numerous systems.  His passion entails implementing best practices of security and privacy principles at all 7-layers and beyond.  He has his MS in Information Science and Systems from Texas A&M University and 3 patents.
  
==== Announcements  ====
 
  
== September Meeting ==
+
'''Where:''' Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX
  
'''When:''' Wednesday September 11, 2013 from 11:30 AM – 1:00 PM
+
http://meetu.ps/39Tcvb
 +
  
 +
The meeting food & drinks will be sponsored by Security Compass.
  
'''Topic: ''' PCI Mobile Payment Acceptance Security Guidelines for Developers
 
  
The presentation will include a brief introduction to the PCI Mobile Payment Acceptance Security Guidelines documents.  It then describes how Open Web Application Security Project (OWASP) guidance, especially that of the OWASP Mobile Security Project, was referenced in the PCI Mobile Payment Acceptance Security Guidelines for Developers document.  Additionally, this discusses the state of national and international standards that may influence mobile security.
+
IMPORTANT Meeting Notes:
  
 +
The location is a gun-free zone.  Please do not attempt to bring in any guns, holsters, ammo, etc. into their office space.  Also, backpacks, suitcases, and other bags larger than a small purse cannot be brought into the building by guests.
 +
  
'''Who:''' Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council
+
=== Previous Meetings  ===
  
Ralph has over 35 years of information security experience including over twenty years of applied cryptography.  He has written extensively on information security and cryptography; his work is cited in academic papers, national standards, professional journals, and books.  He came to PCI SSC from a small business that was a QSAC where he was a QSA.  In various capacities, he designed and lead teams of developers in cryptographic system projects resulting in patents of systems based on cryptography, e.g., Patent 6,202,933 "Transaction card and methods and apparatus therefor," issued on March 20, 2001, and Patent 20050114218 “Third party privacy system,” issued on May 26, 2005.  In support of classified government projects, assisted in the development of cryptanalytic tools.  Ralph has extensive experience in financial services industry, national and international standards development.
+
== June Meeting ==
  
 +
'''When:''' Tuesday, June 20, 2017 - 6:00 PM
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
+
'''Topic: ''' From Hot Rodding to Hacking, Securing the Modern Automobile
  
 +
'''Who:''' Art Dahnert is a Managing Consultant who has over 19 years of experience in the software industry with over 8 years Application Security experience. 
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Where:''' Toyota - 5360 Legacy Drive, Building 1, 2nd Floor, Plano, TX
  
 +
'''Materials''': [[media:Hot_Rodding_and_Hacking_v3.pdf]]
  
 
== May Meeting ==
 
== May Meeting ==
'''When:''' Wednesday May 8, 2013 from 11:30 AM – 1:00 PM  
+
'''When:''' Tuesday, May 16, 2017 - 6:00 PM
 +
 
 +
'''Topic: ''' OWASP Dallas Social
 +
 
 +
'''Who:''' OWASP Dallas
 +
 
 +
'''Where:''' Dots Hop House & Cocktail Courtyard - 2645 Commerce Street , Dallas, TX (map)
 +
 
 +
== April Meeting ==
 +
'''When:''' Monday, April 17, 2017 - 6:00 PM
 +
 
 +
'''Topic: ''' AWS Security: Staying on Top of the Cloud
 +
 
 +
'''Who:''' Kurtis Miller is a Principal Security Consultant for NCC Group, North America.
 +
 
 +
'''Where:''' Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX
 +
 
 +
'''Materials''': [[media:AWS_Security_-_Staying_on_Top_of_the_Cloud.pdf]]
 +
 
 +
== March Meeting ==
 +
'''When:''' Tuesday, March 21, 2017 - 6:00 PM
  
'''Topic: ''' Implementation Patterns for Software Security Programs
+
'''Topic: ''' Secrets Revealed: How Your Competitors are Scaling Application Security
  
'''Who:''' Dan Cornell, Principal, Denim Group
+
'''Who:''' Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades.
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
+
'''Where:''' Intuit, Inc. - 5601 Headquarters Dr, Plano, TX
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Materials''': [[media:2017.03_OWASP_Dallas_Presentation_v5.pdf ]] [https://www.securitycompass.com/managingapplicationsecurity2017/ (More Info)]
  
 
== February Meeting ==
 
== February Meeting ==
'''When:''' Wednesday February 6, 2013 from 11:30 AM – 1:00 PM
+
'''When:''' Tuesday, February 21, 2017 - 6:00 PM
 +
 
 +
'''Topic: ''' Secure Architecture In The Land of Microservices
 +
 
 +
'''Who:''' Jack is the CEO at nVisium and focuses on building solutions to make security and education scale in fast-paced software development organizations.
 +
 
 +
'''Where:''' 8000 Dominion Pkwy, Plano, TX - Capital One
 +
 
 +
'''Materials''': [[Media:Microservice_Security.pdf]]
  
'''Topic: ''' Using Webappsec Vulns to Break Censorship
+
== January Meeting ==
 +
'''When:''' January 17 - 6:00 PM
  
'''Who:''' Robert Hansen, a.k.a. rsnake
+
'''Topic: ''' Helping Developers Embrace Security with OWASP Tools
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
+
'''Who:''' Joseph Konieczka is a Lead Technology Solutions Specialist on the Remedy on Demand infrastructure team at BMC Software.
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs
  
 
== November Meeting ==
 
== November Meeting ==
'''When:''' Wednesday November 7, 2012 from 11:30 AM – 1:00 PM  
+
'''When:''' Tuesday, November 8, 2016 - 5:30 PM
 
 
'''Topic: ''' Flame, Stuxnet, One to be Named and the Elderwood Project - Today’s Threat Landscape
 
  
'''Who:''' John R. Hill, CISSP, Principal Security Strategist Security Business Practice Symantec
+
'''Topic: ''' Privacy Preserving Big Data Analytics
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Who:''' Hassan Takabi is Assistant Professor of Computer Science and Engineering at the University of North Texas, Denton, TX, USA.
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Where:'''  Epsilon - 6021 Connection Drive, Irving, TX
  
 
== October Meeting ==
 
== October Meeting ==
'''When:''' Wednesday October 3, 2012 from 11:30 AM – 1:00 PM  
+
'''When:''' Monday, October 17, 2016 - 5:30 PM
  
'''Topic: ''' Exploitation Techniques and Mitigation
+
'''Topic: ''' NoSQL: "No Injections" or "No Security"?
  
'''Who:''' James McFadyen, Information Security Engineer and Director of Customer Support at HAWK Network Defense, Inc
+
'''Who:''' Stark Riedesel is a Security Consultant for Cigital, an industry leader in application security.
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Where:''' Akamai - 15950 Dallas Parkway, Dallas, TX
 
 
[http://www.richlandcollege.edu/map/ Map]
 
  
 
== September Meeting ==
 
== September Meeting ==
'''When:''' Wednesday September 12, 2012 from 11:30 AM – 1:00 PM  
+
'''When:''' Monday, September 19, 2016 - 5:30 PM
  
'''Topic: ''' The Importance of Application Security.
+
'''Topic: ''' Web Attacker’s Toolkit: An in depth analysis of RFI in the wild
  
'''Who:''' Peter Perfetti; Director, Security Services & Operations IMPACT Security, LLC
+
'''Who:''' Tony Lauro is a Lead Sr. Enterprise Security Architect for Akamai's Web Security division.
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Where:''' Akamai - 15950 Dallas Parkway, Dallas, TX
 
 
[http://www.richlandcollege.edu/map/ Map]
 
  
 
== August Meeting ==
 
== August Meeting ==
'''When:''' Wednesday August 1, 2012 from 11:30 AM – 1:00 PM
+
'''When:''' Tuesday, August 16, 2016 - 5:30 PM
 
 
'''Topic: ''' Malicious Math: Recent Real-World Cryptographical and Computational Threats on the Web.
 
 
 
'''Who:''' Derek Soeder, founder, Ridgeway Internet Security
 
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Topic: ''' OWASP Dallas August Social
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Who:''' Dallas OWASP Community
  
'''Slides''': [[Media:Malicious Math - Final.pptx‎]]
+
'''Where:''' Braindead Brewing - 2625 Main St, Dallas, TX
  
 
== July Meeting ==
 
== July Meeting ==
'''When:''' Wednesday July 11, 2012 from 11:30 AM – 1:00 PM
+
'''When:''' Tuesday, July 19, 2016 - 5:30 PM
  
'''Topic: ''' Reinventing Dynamic Testing: Real-Time Hybrid
+
'''Topic: ''' Pen Testing with Powershell
  
'''Who:''' Adam Hils; Senior Product Manager HP Enterprise Security Products
+
'''Who:''' Rajganesh Pandurangan is a Lead Managing Consultant at US Bank and the creator of Web Application Exploitation Distro (http://www.waed.info)
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Materials''': [[Media:OWASP-pentest-with-powershell.pptx]]
  
 
== June Meeting ==
 
== June Meeting ==
'''When:''' Wednesday June 6, 2012 from 11:30 AM – 1:00 PM
+
'''When:''' Tuesday, June 21, 2016 - 5:30 PM
  
'''Topic: ''' Is There An End to Testing Ourselves Secure?
+
'''Topic: ''' Web App Testing Stats Compared to The OWASP Top 10
  
'''Who:''' Rohit Sethi; Vice President, Product Development, SD Elements
+
'''Who:''' Joel Scambray is a Principal at Cigital.
  
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH118
+
'''Where:''' 8000 Dominion Pkwy, Plano, TX - Capital One
  
[http://www.richlandcollege.edu/map/ Map]
+
'''Materials''': [[Media:Cigital_Top10_DallasOWASP-062116.pdf]]
  
 
== May Meeting ==
 
== May Meeting ==
 +
'''When:''' Tuesday, May 17, 2016 - 5:30 PM
 +
 +
'''Topic: ''' Can we do better than Passwords?
 +
 +
'''Who:''' Dr. Girish Chiruvolu, CISSP, CISM is Director, Information security and Risk Management at Thomson Reuters, Carrollton TX.
 +
 +
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.
 +
 +
'''Materials''': [[Media:OWASP_May17th_Password-less-logins.pdf]]
  
'''When:''' Wednesday, May 2, 2012 from 11:30 AM to 1:00 PM
+
== April Meeting ==
 +
'''When:''' Tuesday, April 19, 2016 - 5:30 PM
  
'''Topic: ''' OWASP and PCI DSS Requirement 6.5
+
'''Topic: ''' OWASP Happy Hour
  
OWASP and PCI DSS Requirement 6.5. Keeping current with the OWASP top 10 and how it impacts companies PCI compliance and training. Tony will discuss how McAfee complies to the requirement and how McAfee must make changes to match the current top 10 as well has making sure that developers keep up to date on training.
+
'''Who:''' OWASP Dallas Members
 
'''Who:''' Tony Gunn; Director of Security Operations for McAfee
 
 
'''Where:'''
 
North Lake College (Central Campus)
 
5001 N. MacArthur Blvd.
 
Irving, TX 75038
 
Phone: 972-273-3000
 
Building: A
 
Room: 206
 
  
[http://www.northlakecollege.edu/pages/central-campus-directions.aspx Map]
+
'''Where:''' Humperdinks NW Highway - 2208 W Northwest Hwy, Dallas, TX
  
 
== March Meeting ==
 
== March Meeting ==
 +
'''When:''' Tuesday, March 15, 2016 - 5:30 PM
 +
 +
'''Topic: ''' Integrating Security into the Software/System Development Life Cycle (SDLC) Process—Myths and Facts
 +
 +
'''Who:''' Rick Brunner is an Assistant Faculty member at Collin College and is an active member of Collin’s Cyber Security Advisory Board.
 +
 +
'''Where:''' Epsilon - 6021 Connection Drive, Irving, TX.
 +
 +
'''Materials''': [[Media:March_2016_OWASP_-_Secure_SDLC_Presentation_and_Related_Material.zip]]
 +
 +
== February Meeting ==
 +
'''When:''' Wednesday, February 17, 2016 - 5:30 PM
 +
 +
'''Topic: ''' DNS Attack Vectors
 +
 +
'''Who:''' John Devasia is a Senior Product Manager in the Cloud Security BU at Akamai Technologies.
 +
 +
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.
 +
 +
== January Meeting ==
 +
'''When:''' Tuesday, January 19, 2016 - 5:30 PM
 +
 +
'''Topic: ''' Bountiful Bugs and DRM Breakage
 +
 +
'''Who:'''  Dave Ferguson is a Solution Architect at Qualys and has been a specialist in Application Security since 2006.
 +
 +
'''Where:''' 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.
 +
 +
== November Meeting ==
 +
'''When:''' Tuesday, November 17th, 2015 from 5:30 PM – ?:?? PM
 +
 +
'''Topic: ''' OWASP Dallas Happy Hour
 +
 +
'''Where:''' Mexican Sugar at Shops at Legacy - 7501 Lone Star Drive, Suite 8150, Plano, TX
 +
 +
== October Meeting ==
 +
'''When:''' Wednesday October 7th, 2015 from 11:30 AM – 1:00 PM
  
'''When:''' March 7, 2012, 11:30am - 1:00pm
+
'''Topic: ''' Anatomy of a Logic Flaw
  
'''Topic: ''' AAA for Hybrid Cloud Environment
+
'''Who:''' Charles Henderson is the Vice President of Managed Security Testing at Trustwave.
  
During this session, presented by Symplified, we will explore four areas of interest.
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039.  
  
Web, SaaS, Mobile Application Adoption
+
== September Meeting ==
Protecting sensitive data
+
'''When:''' Thursday September 17th, 2015 from 5:30PM – 6:30 PM
WAM for the Public Cloud
 
Identity Sprawl
 
  
'''Who:''' Cullen Landrum, CISSP is a Senior Systems Engineer at Symplified.
+
'''Topic: ''' Application Security Trends
  
'''Where:'''  
+
'''Who:''' Stephen Pasco is a Vice President of Application Risk at Goldman Sachs
North Lake College (Central Campus), 5001 N. MacArthur Blvd. Irving, TX 75038
 
Phone: 972-273-3000
 
Building: A
 
Room: 206
 
  
[http://www.northlakecollege.edu/pages/central-campus-directions.aspx Map]
+
'''Where:''' 6011 Connection Drive, Irving, TX 75039.  
  
== February Meeting ==
+
== May Meeting ==
 +
'''When:''' Wednesday May 6, 2015 from 11:30 AM – 1:00 PM
  
'''When:''' February 1, 2012, 11:30am - 1:00pm
+
'''Topic: ''' The Future of Mobile Payments: Secure Mobile Architecture
  
'''Topic: ''' Web Application Vulnerability Testing with Nessus
+
'''Who:''' Denis M. Sheridan is a Managing Consultant at Cigital. 
  
'''Who:''' Rik A. Jones is a Senior Information Security Analyst for the Dallas County Community College District (DCCCD)
+
'''Where:''' North Lake College Central Campus, 5001 North MacArthur Boulevard, Irving, Texas 75038, Room: A-215
  
'''Where:'''  
+
== October Meeting ==
SMU
+
'''When:''' Wednesday October 1, 2014 from 11:30 AM – 1:00 PM
Caruth Hall
 
Palmer Conference Center / 406 Caruth Hall
 
3145 Dyer Street
 
Dallas, Texas 75205
 
  
[http://smu.edu/maps/campus.asp Map]
+
'''Topic: '''Succeeding with Enterprise Software Security Key Performance Indicators
(Caruth Hall is building 44 on the campus map link.)
 
  
== January Meeting ==
+
'''Who:''' Rafal Los, Director, Office of the CISO
  
'''When:''' January 11, 2012, 11:30am - 1:00pm
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
'''Topic: ''' OWASP TOP 10
+
== March Meeting ==
 +
'''When:''' Wednesday March 5, 2014 from 11:30 AM – 1:00 PM
  
Power point demonstration of OWASP Top Ten Web Application Security Vulnerabilities with actual hacking examples.  This presentation will cover such vulnerabilities as SQL injection, XSS and CSRF.  Discussion, hands on exercise and question and answer session.
+
'''Topic: ''' OWASP Dallas basic Python tutorial
  
'''Who:''' Matt Parsons, VP Parsons Software Security Consulting
+
'''Who:''' Matt Parsons, CISSP MSM
  
'''Where:'''  
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
North Lake College (Central Campus)
 
5001 N. MacArthur Blvd.
 
Irving, TX 75038
 
Phone: 972-273-3000
 
Building: G
 
Room: 405
 
  
[http://www.northlakecollege.edu/pages/central-campus-directions.aspx Map]
+
== September Meeting ==
 +
'''When:''' Wednesday September 11, 2013 from 11:30 AM – 1:00 PM
  
 +
'''Topic: ''' PCI Mobile Payment Acceptance Security Guidelines for Developers
  
==== Presentation Archives  ====
+
'''Who:''' Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council
  
== November 7, 2012 ==
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
'''Title: ''' Internet Security Threat Report
+
'''Slides''': [[Media:Dallas OWASP 9-11-2013.pdf]]
  
'''Speaker:''' John R. Hill, CISSP, Principal Security Strategist Security Business Practice Symantec
+
== May Meeting ==
 +
'''When:''' Wednesday May 8, 2013 from 11:30 AM – 1:00 PM
  
'''Slides''':
+
'''Topic: ''' Implementation Patterns for Software Security Programs
[[Media:Symantec_ISTR_17.pdf‎]]
 
  
==February 1, 2012==
+
'''Who:''' Dan Cornell, Principal, Denim Group
  
'''Title''': Web Application Vulnerability Testing with Nessus
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
'''Speaker''': Rik A. Jones, Senior Information Security Analyst for the Dallas County Community College District (DCCCD)
+
[http://www.richlandcollege.edu/map/ Map]
  
'''Slides''':  
+
== February Meeting ==
[[Media:Web Application Vul Testing with Nessus 2012.02.01.pdf‎]]<br>
+
'''When:''' Wednesday February 6, 2013 from 11:30 AM – 1:00 PM
[[Media:OWASP Broken Web Applications 2012.02.01.pdf‎]]
 
  
==January 11, 2012==
+
'''Topic: ''' Using Webappsec Vulns to Break Censorship
  
'''Title''': OWASP TOP 10
+
'''Who:''' Robert Hansen, a.k.a. rsnake
  
'''Speaker''': Matt Parsons, VP Parsons Software Security Consulting
+
'''Where:''' Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117
  
'''Slides''': [[Media:OWASPtopTen.pdf‎]]
+
[http://www.richlandcollege.edu/map/ Map]
  
  
 
  __NOTOC__
 
  __NOTOC__
<headertabs />
+
<headertabs></headertabs>
  
 
[[Category:Texas]]
 
[[Category:Texas]]

Latest revision as of 11:21, 23 June 2017

OWASP Dallas

Welcome to the Dallas chapter homepage. The chapter leaders are

Chapter Lead- Denis Sheridan

Board Member- Matt Parsons

Board Member- Jeromme Lawler

Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.


Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Get Connected and Stay Connected

In addition to our Mailing List we also have a Dallas OWASP Twitter Feed a Dallas OWASP Facebook Page and a Dallas OWASP Linkedin Group. We invite you to join or follow whichever groups suit you, get involved with your fellow Dallas OWASP Chapter members, and we'll keep them all up to date with the latest official news and announcements from the chapter leadership.

Click any of the links below to visit the corresponding Dallas OWASP social networking groups:

Join the list.png Follow-us-on-twitter.png Join-us-on-Facebook.jpg Linkedin-button.gif Meetup-button.png

Announcements

July Meeting

When: Wednesday, July 19, 2017 - 6:00 PM


Topic: IoT Security Landscape: Survey & Analysis


Technology allows society to accelerate exponentially. People are connecting Things to the Internet but the benefits aren’t realized without tradeoffs. Companies are embracing IoT to enhance their business plans. Due to many difficult challenges, some IoT Security Alliances have begun to form. At the federal government level, FTC, FCC, DHS and NIST have become involved. Finally, security companies are now proposing IoT security architectures to complement Enterprise solutions. We will review and discuss all these topics.


Who: Mark Szewczul, CISSP, is an IoT Security Architect at Zimperium with over 20 years of experience from Semiconductor, Telecom/Datacom, and Computing sectors.


He currently is Director of Marketing at the Dallas/Fort Worth Cisco Users Group, has led the IEEE-Electromagnetic Compatibility Society and co-founded the IEEE-Consumer Electronics Society, both in Dallas. Along the journey, he has mastered design, testing, integration and deployment of numerous systems. His passion entails implementing best practices of security and privacy principles at all 7-layers and beyond. He has his MS in Information Science and Systems from Texas A&M University and 3 patents.


Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

http://meetu.ps/39Tcvb


The meeting food & drinks will be sponsored by Security Compass.


IMPORTANT Meeting Notes:

The location is a gun-free zone. Please do not attempt to bring in any guns, holsters, ammo, etc. into their office space. Also, backpacks, suitcases, and other bags larger than a small purse cannot be brought into the building by guests.


Previous Meetings

June Meeting

When: Tuesday, June 20, 2017 - 6:00 PM

Topic: From Hot Rodding to Hacking, Securing the Modern Automobile

Who: Art Dahnert is a Managing Consultant who has over 19 years of experience in the software industry with over 8 years Application Security experience.

Where: Toyota - 5360 Legacy Drive, Building 1, 2nd Floor, Plano, TX

Materials: media:Hot_Rodding_and_Hacking_v3.pdf

May Meeting

When: Tuesday, May 16, 2017 - 6:00 PM

Topic: OWASP Dallas Social

Who: OWASP Dallas

Where: Dots Hop House & Cocktail Courtyard - 2645 Commerce Street , Dallas, TX (map)

April Meeting

When: Monday, April 17, 2017 - 6:00 PM

Topic: AWS Security: Staying on Top of the Cloud

Who: Kurtis Miller is a Principal Security Consultant for NCC Group, North America.

Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

Materials: media:AWS_Security_-_Staying_on_Top_of_the_Cloud.pdf

March Meeting

When: Tuesday, March 21, 2017 - 6:00 PM

Topic: Secrets Revealed: How Your Competitors are Scaling Application Security

Who: Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades.

Where: Intuit, Inc. - 5601 Headquarters Dr, Plano, TX

Materials: media:2017.03_OWASP_Dallas_Presentation_v5.pdf (More Info)

February Meeting

When: Tuesday, February 21, 2017 - 6:00 PM

Topic: Secure Architecture In The Land of Microservices

Who: Jack is the CEO at nVisium and focuses on building solutions to make security and education scale in fast-paced software development organizations.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: Media:Microservice_Security.pdf

January Meeting

When: January 17 - 6:00 PM

Topic: Helping Developers Embrace Security with OWASP Tools

Who: Joseph Konieczka is a Lead Technology Solutions Specialist on the Remedy on Demand infrastructure team at BMC Software.

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

November Meeting

When: Tuesday, November 8, 2016 - 5:30 PM

Topic: Privacy Preserving Big Data Analytics

Who: Hassan Takabi is Assistant Professor of Computer Science and Engineering at the University of North Texas, Denton, TX, USA.

Where: Epsilon - 6021 Connection Drive, Irving, TX

October Meeting

When: Monday, October 17, 2016 - 5:30 PM

Topic: NoSQL: "No Injections" or "No Security"?

Who: Stark Riedesel is a Security Consultant for Cigital, an industry leader in application security.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

September Meeting

When: Monday, September 19, 2016 - 5:30 PM

Topic: Web Attacker’s Toolkit: An in depth analysis of RFI in the wild

Who: Tony Lauro is a Lead Sr. Enterprise Security Architect for Akamai's Web Security division.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

August Meeting

When: Tuesday, August 16, 2016 - 5:30 PM

Topic: OWASP Dallas August Social

Who: Dallas OWASP Community

Where: Braindead Brewing - 2625 Main St, Dallas, TX

July Meeting

When: Tuesday, July 19, 2016 - 5:30 PM

Topic: Pen Testing with Powershell

Who: Rajganesh Pandurangan is a Lead Managing Consultant at US Bank and the creator of Web Application Exploitation Distro (http://www.waed.info)

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

Materials: Media:OWASP-pentest-with-powershell.pptx

June Meeting

When: Tuesday, June 21, 2016 - 5:30 PM

Topic: Web App Testing Stats Compared to The OWASP Top 10

Who: Joel Scambray is a Principal at Cigital.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: Media:Cigital_Top10_DallasOWASP-062116.pdf

May Meeting

When: Tuesday, May 17, 2016 - 5:30 PM

Topic: Can we do better than Passwords?

Who: Dr. Girish Chiruvolu, CISSP, CISM is Director, Information security and Risk Management at Thomson Reuters, Carrollton TX.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

Materials: Media:OWASP_May17th_Password-less-logins.pdf

April Meeting

When: Tuesday, April 19, 2016 - 5:30 PM

Topic: OWASP Happy Hour

Who: OWASP Dallas Members

Where: Humperdinks NW Highway - 2208 W Northwest Hwy, Dallas, TX

March Meeting

When: Tuesday, March 15, 2016 - 5:30 PM

Topic: Integrating Security into the Software/System Development Life Cycle (SDLC) Process—Myths and Facts

Who: Rick Brunner is an Assistant Faculty member at Collin College and is an active member of Collin’s Cyber Security Advisory Board.

Where: Epsilon - 6021 Connection Drive, Irving, TX.

Materials: Media:March_2016_OWASP_-_Secure_SDLC_Presentation_and_Related_Material.zip

February Meeting

When: Wednesday, February 17, 2016 - 5:30 PM

Topic: DNS Attack Vectors

Who: John Devasia is a Senior Product Manager in the Cloud Security BU at Akamai Technologies.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

January Meeting

When: Tuesday, January 19, 2016 - 5:30 PM

Topic: Bountiful Bugs and DRM Breakage

Who: Dave Ferguson is a Solution Architect at Qualys and has been a specialist in Application Security since 2006.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

November Meeting

When: Tuesday, November 17th, 2015 from 5:30 PM – ?:?? PM

Topic: OWASP Dallas Happy Hour

Where: Mexican Sugar at Shops at Legacy - 7501 Lone Star Drive, Suite 8150, Plano, TX

October Meeting

When: Wednesday October 7th, 2015 from 11:30 AM – 1:00 PM

Topic: Anatomy of a Logic Flaw

Who: Charles Henderson is the Vice President of Managed Security Testing at Trustwave.

Where: 6011 Connection Drive, Irving, TX 75039.

September Meeting

When: Thursday September 17th, 2015 from 5:30PM – 6:30 PM

Topic: Application Security Trends

Who: Stephen Pasco is a Vice President of Application Risk at Goldman Sachs

Where: 6011 Connection Drive, Irving, TX 75039.

May Meeting

When: Wednesday May 6, 2015 from 11:30 AM – 1:00 PM

Topic: The Future of Mobile Payments: Secure Mobile Architecture

Who: Denis M. Sheridan is a Managing Consultant at Cigital.

Where: North Lake College Central Campus, 5001 North MacArthur Boulevard, Irving, Texas 75038, Room: A-215

October Meeting

When: Wednesday October 1, 2014 from 11:30 AM – 1:00 PM

Topic: Succeeding with Enterprise Software Security Key Performance Indicators

Who: Rafal Los, Director, Office of the CISO

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

March Meeting

When: Wednesday March 5, 2014 from 11:30 AM – 1:00 PM

Topic: OWASP Dallas basic Python tutorial

Who: Matt Parsons, CISSP MSM

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

September Meeting

When: Wednesday September 11, 2013 from 11:30 AM – 1:00 PM

Topic: PCI Mobile Payment Acceptance Security Guidelines for Developers

Who: Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Slides: Media:Dallas OWASP 9-11-2013.pdf

May Meeting

When: Wednesday May 8, 2013 from 11:30 AM – 1:00 PM

Topic: Implementation Patterns for Software Security Programs

Who: Dan Cornell, Principal, Denim Group

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map

February Meeting

When: Wednesday February 6, 2013 from 11:30 AM – 1:00 PM

Topic: Using Webappsec Vulns to Break Censorship

Who: Robert Hansen, a.k.a. rsnake

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map