Difference between revisions of "Kansas City"

From OWASP
Jump to: navigation, search
(Upcoming Meetings)
(Past Meetings)
(37 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Kansas City|extra=If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader [mailto:caughron@gmail.com Mat Caughron]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-kansascity|emailarchives=http://lists.owasp.org/pipermail/owasp-kansascity}}
 
{{Chapter Template|chaptername=Kansas City|extra=If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader [mailto:caughron@gmail.com Mat Caughron]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-kansascity|emailarchives=http://lists.owasp.org/pipermail/owasp-kansascity}}
  
<paypal>Kansas City</paypal>
+
 
  
 
== Upcoming Meetings ==
 
== Upcoming Meetings ==
 
I am pleased to announce that the details for our next OWASP Kansas City chapter meeting have been finalized.  We will get together on Thursday, June 17, 2010 starting at 6:00 PM and finishing around 8:00 PM.  Add the event to your calendar today so you don't miss this opportunity to learn about web application security and network with your peers.  Note the location this month is right near Kansas City's Union Station, a block north of the World War I memorial.
 
 
  
 
'''Date:'''  
 
'''Date:'''  
June 17, 2010 6:00 PM - 8:00 PM
+
Thurs, June 20, 2013<br>
 
+
6:30 PM
'''Location:'''
+
 
+
Balance Point    2300 Main Street  Kansas City, MO 64108-2450
+
 
+
'''Agenda:'''
+
 
+
6:00-7:15: “The Role of Pen Testing and Application Scanning as part of an
+
Enterprise Information Systems Risk Management Framework.
+
Sub title: Selling the value of your work at the executive level
+
 
+
 
+
'''Speaker:'''
+
 
+
James Connolly, CISSP CISA, information security consultant
+
 
+
 
+
<ul><small>
+
Topic is on how to interface with management.
+
* Roles of penetration tests and application scans
+
* Risk management framework as a context for web application work
+
* How best to influence the executive
+
</small></ul>
+
  
 +
'''Location: (confirmed)'''
 +
Johnson County Community College<br>
 +
Regnier Center Room 344.
  
 +
'''Meeting Topic:'''
 +
Adding Risk Analysis and KPI Reporting to Your WebApp/Vuln Scanning
 +
<br>
 +
<br>
 +
Discovering your enterprise vulnerabilities has become much easier with scanning tools. However, many organizations still struggle with handling the vulnerabilities that have been identified. Which ones should we fix first, and which ones can we ignore? Who should be responsible for the remediation task, and how can we hold them accountable? These questions and others common struggles for organizations large and not-so-large. In this presentation, we will look at:
 +
<br>Methods to consolidate and de-duplicate scanning results from leading security tools,
 +
<br>Automatically correlate results with assets, incidents, controls, policies, and other compliance/security data,
 +
<br>Conduct risk scoring of each vulnerability and calculate inherent/residual risk scores for the vulnerability, asset, system, facility, and other records,
 +
<br>Assign remediation workflow for vulnerabilities and hold owners accountable,
 +
<br>Correlate scanning results with industry feeds such as US-CERT's NVD and iDefense,
 +
<br>Report on Key Performance Indicators (KPIs) such as workflow performance, trends per webapp/platform/Business Unit/Facility, and other categories.
  
 +
'''Speaker Bio:'''
 +
<br>
 +
Larry Slobodzian is a Senior Solution Engineer at LockPath and an Adjunct Professor of Information Systems at Baker University. With over 16 years of networking, compliance, and security experience, Larry has broad experience with solving complex business problems leveraging technology. He is a Veteran Marine with an MBA and technical certifications, making him one of the most dangerous Doctor Who fans in Kansas City.
  
'''7:15 - 8:00 open discussion and chapter business meeting and networking'''
+
<br>
 +
<br>
  
  
  
Attendance of OWASP meetings is free and anyone interested in web application security is welcome to attend.  Pass on this meeting announcement to anyone else that would benefit from joining us.
+
<br><br>
  
  
Line 54: Line 47:
 
== Past Meetings ==
 
== Past Meetings ==
 
Thanks to the speakers for sharing with us at our past chapter meetings.  Any presentation handouts or associated documents are shared through the following meeting summaries:
 
Thanks to the speakers for sharing with us at our past chapter meetings.  Any presentation handouts or associated documents are shared through the following meeting summaries:
 +
*[[Kansas_City_June_2013_Meeting|June 2013 Meeting]]
 +
*[[Kansas_City_JApril_2013_Meeting|April 2013 Meeting]]
 +
*[[Kansas_City_Jan_2013_Meeting|January 2013 Meeting]]
 +
*[[Kansas_City_Sept_2012_Meeting|September 2012 Meeting]]
 +
*[[Kansas_City_June_21_2012_Meeting|June 21 2012 Meeting]]
 +
*[[Kansas_City_April_2012_Meeting|April 2012 Meeting]]
 +
*[[Kansas_City_February_2012_Meeting|February 2012 Meeting]]
 +
*[[Kansas_City_November_17_2011_Meeting|November 17 2011 Meeting]]
 +
*[[Kansas_City_November_10_2011_Meeting|November 10 2011 Meeting]]
 +
*[[Kansas_City_September_2011_Meeting|September 2011 Meeting]]
 +
*[[Kansas_City_August_2011_Meeting|August 2011 Meeting]]
 +
*[[Kansas_City_June_2011_Event|June 2011 Event]]
 +
*[[Kansas_City_February_2011_Meeting|February 2011 Meeting]]
 +
*[[Kansas_City_October_2010_Meeting|October 2010 Meeting]]
 +
*[[Kansas_City_August_2010_Meeting|August 2010 Meeting]]
 +
*[[Kansas_City_June_2010_Meeting|June 2010 Meeting]]
 +
*[[Kansas_City_April_2010_Meeting|April 2010 Meeting]]
 
*[[Kansas_City_February_2010_Meeting|February 2010 Meeting]]
 
*[[Kansas_City_February_2010_Meeting|February 2010 Meeting]]
 
*[[Kansas_City_December_2009_Meeting|December 2009 Meeting]]
 
*[[Kansas_City_December_2009_Meeting|December 2009 Meeting]]

Revision as of 16:20, 30 May 2013

Contents

OWASP Kansas City

Welcome to the Kansas City chapter homepage. If you have any questions about the Kansas City Chapter after reading this page, please send an email to our chapter leader Mat Caughron
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Upcoming Meetings

Date: Thurs, June 20, 2013
6:30 PM

Location: (confirmed) Johnson County Community College
Regnier Center Room 344.

Meeting Topic: Adding Risk Analysis and KPI Reporting to Your WebApp/Vuln Scanning

Discovering your enterprise vulnerabilities has become much easier with scanning tools. However, many organizations still struggle with handling the vulnerabilities that have been identified. Which ones should we fix first, and which ones can we ignore? Who should be responsible for the remediation task, and how can we hold them accountable? These questions and others common struggles for organizations large and not-so-large. In this presentation, we will look at:
Methods to consolidate and de-duplicate scanning results from leading security tools,
Automatically correlate results with assets, incidents, controls, policies, and other compliance/security data,
Conduct risk scoring of each vulnerability and calculate inherent/residual risk scores for the vulnerability, asset, system, facility, and other records,
Assign remediation workflow for vulnerabilities and hold owners accountable,
Correlate scanning results with industry feeds such as US-CERT's NVD and iDefense,
Report on Key Performance Indicators (KPIs) such as workflow performance, trends per webapp/platform/Business Unit/Facility, and other categories.

Speaker Bio:
Larry Slobodzian is a Senior Solution Engineer at LockPath and an Adjunct Professor of Information Systems at Baker University. With over 16 years of networking, compliance, and security experience, Larry has broad experience with solving complex business problems leveraging technology. He is a Veteran Marine with an MBA and technical certifications, making him one of the most dangerous Doctor Who fans in Kansas City.







Please note:

  • Attendance at an OWASP chapter meeting is free and open to anyone interested in web application security
  • No registration is required, although RSVPs to the chapter leader are appreciated
  • Professionals with CISSPs, or other certifications, can earn CPE credits by attending


We meet at least once a quarter to discuss application security. If you have an interesting topic you'd like to present or discuss at future meetings, please send an email to caughron[at]gmail com. Or, get a discussion going by posting a message to our mailing list.

Past Meetings

Thanks to the speakers for sharing with us at our past chapter meetings. Any presentation handouts or associated documents are shared through the following meeting summaries: