Denver June 2007 meeting
The technical presentation was by David Byrne from EchoStar Satellite. He spoke on Anti-DNS pinning attacks, a technique that allows an attacker to leverage cross-site-scripting to turn a web browser into a proxy server. This is done using standard browser functionality; no client-side vulnerabilities are required. The end-result is that network firewalls can are completly bypassed to access internal servers. File:Anti-dns-pinning.ppt Slides
The non/less technical presentation was by David Stevens from Symplified. He discussed methods to calculate Return on Security Investment (ROSI). Considering how difficult it often is to get funding for security initiatives, this is a useful skill for any security professional or security manager.