Difference between revisions of "Des Moines"

From OWASP
Jump to: navigation, search
(Tuesday September 23, 2014)
 
(9 intermediate revisions by 2 users not shown)
Line 8: Line 8:
  
 
==Upcoming Events ==
 
==Upcoming Events ==
 
+
=== Thursday, February 18, 2016 ===
=== Oct/Nov 2013 - '''TBD''' ===
+
<br/>Location: DHI Group, Inc. Urbandale office
 +
<p>
 +
<br/>OWASP DSM Leadership Round Table
 +
<br/>This is going to be a meeting for anyone willing to help organize events for the Des Moines OWASP chapter in 2016. Please come with ideas for topics, speakers, sponsors, and anything else you think would make the group better. Food and drink will be provided.
  
 
==Past Events ==
 
==Past Events ==
 +
 +
=== Tuesday September 23, 2014 ===
 +
<br/>Location: Dice Holdings, Inc. Urbandale office
 +
<br/>Sponsored by [http://www.midamericanenergy.com/ MidAmerican Energy]
 +
<p>
 +
<br/>ZAP ([https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Zed Attack Proxy]) Workshop
 +
<br/>Remote training session by Russ McRee on the use of ZAP, followed by Q&A and a workshop session with local targets. Bring a laptop!
 +
<br/>Russ is Director of Threat Intelligence & Engineering at Microsoft, a handler at the Internet Storm Center, and author of the <em>toolsmith</em> column for the ISSA Journal.
 +
 +
</p>
 +
 +
=== Wed November 13, 2013 ===
 +
<br/>Location: Meredith Corporation
 +
<br/>Sponsored by [http://www.riverbed.com/products-solutions/products/application-delivery-stingray/ Riverbed Technology - Stingray BU]
 +
<p>
 +
<br/>Presenter: Matthew Sullivan, "Advanced Client-Side Protections"
 +
<br/>Web programmers often cover the web security basics, like implementing anti-XSS and anti-CSRF controls, but often remain unaware of new client-side security directives, like Content Security Policy, HTTP Strict Transport Security, and X-Frame-Origin.  This presentation will describe what these three controls do to protect end-users, and what technical challenges an organization might face if they wish to implement these controls in their web applications.
 +
<br/>Matthew is a Security Vulnerability Analyst for WebFilings
 +
 +
</p>
 +
 +
<br/>Presenter: Jason Braddy, "Self-Defending Web Infrastructure"
 +
<br/>While it seems clear that security can't effectively be "bolted on" to insecure applications, infrastructure elements still have a role to play in a comprehensive strategy. Thoughtful use of technologies that may already be in place can provide a number of options for improving detection, protection, and response capabilities.
 +
<br/>Jason is a Network Engineer for Dice Holdings, Inc.
  
 
 
Line 17: Line 44:
  
 
<br/>Location: Dice Holdings, Inc.
 
<br/>Location: Dice Holdings, Inc.
<br/>Sponsored by White Hat Security
+
<br/>Sponsored by [https://www.whitehatsec.com White Hat Security]
 
<p>
 
<p>
 
<br/>Presenter: Ethan Wilder, "CSRF: Inside the Magic"
 
<br/>Presenter: Ethan Wilder, "CSRF: Inside the Magic"
Line 27: Line 54:
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
 
[[Category:United_States]]
 
[[Category:United_States]]
 +
[[Category:Iowa]]

Latest revision as of 18:37, 8 February 2016

OWASP Des Moines

Welcome to the Des Moines chapter homepage. The chapter leader is Jason Braddy.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Local News

Everyone is welcome to join us at our chapter meetings.

Follow us on Twitter! https://www.twitter.com/owaspDSM

Upcoming Events

Thursday, February 18, 2016


Location: DHI Group, Inc. Urbandale office


OWASP DSM Leadership Round Table
This is going to be a meeting for anyone willing to help organize events for the Des Moines OWASP chapter in 2016. Please come with ideas for topics, speakers, sponsors, and anything else you think would make the group better. Food and drink will be provided.

Past Events

Tuesday September 23, 2014


Location: Dice Holdings, Inc. Urbandale office
Sponsored by MidAmerican Energy <p>
ZAP (Zed Attack Proxy) Workshop
Remote training session by Russ McRee on the use of ZAP, followed by Q&A and a workshop session with local targets. Bring a laptop!
Russ is Director of Threat Intelligence & Engineering at Microsoft, a handler at the Internet Storm Center, and author of the toolsmith column for the ISSA Journal.

Wed November 13, 2013


Location: Meredith Corporation
Sponsored by Riverbed Technology - Stingray BU


Presenter: Matthew Sullivan, "Advanced Client-Side Protections"
Web programmers often cover the web security basics, like implementing anti-XSS and anti-CSRF controls, but often remain unaware of new client-side security directives, like Content Security Policy, HTTP Strict Transport Security, and X-Frame-Origin. This presentation will describe what these three controls do to protect end-users, and what technical challenges an organization might face if they wish to implement these controls in their web applications.
Matthew is a Security Vulnerability Analyst for WebFilings


Presenter: Jason Braddy, "Self-Defending Web Infrastructure"
While it seems clear that security can't effectively be "bolted on" to insecure applications, infrastructure elements still have a role to play in a comprehensive strategy. Thoughtful use of technologies that may already be in place can provide a number of options for improving detection, protection, and response capabilities.
Jason is a Network Engineer for Dice Holdings, Inc.


Wed August 14, 2013 - OWASP Des Moines Inaugural Meeting


Location: Dice Holdings, Inc.
Sponsored by White Hat Security


Presenter: Ethan Wilder, "CSRF: Inside the Magic"
Ethan Wilder is a long time computer security enthusiast with a special interest in web application security. He's currently pursuing a masters degree in Information Assurance from Iowa State University by night and working as a software developer at Farmers Mutual Hail by day.