Difference between revisions of "Los Angeles"

From OWASP
Jump to: navigation, search
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
== Welcome to the Los Angeles Chapter!  ==
 
== Welcome to the Los Angeles Chapter!  ==
  
'''Sponsors and Supporters Donate Here:'''
+
==== [http://www.regonline.com/donation_1044369 Sponsors and Supporters Donate Here] ====
 +
 
 
=====https://www.cvent.com/events/owasp-sponsorship-and-donation/registration-99bc1441e2684ff5b214b0df6b3a9ae3.aspx=====
 
=====https://www.cvent.com/events/owasp-sponsorship-and-donation/registration-99bc1441e2684ff5b214b0df6b3a9ae3.aspx=====
  
 
Single Meeting Supporter:
 
Single Meeting Supporter:
Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission  
+
Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission  
  
 
Get the following benefits::
 
Get the following benefits::
  - Meet upwards of 60-70 potential new clients
+
  - Meet upwards of 60-90 potential new clients
  - Be recognized as a local supporter by posting your company logo on the local chapter page(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi)  
+
  - Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi)  
 
  - Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
 
  - Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
 
  - Have a table at local chapter meeting  
 
  - Have a table at local chapter meeting  
Line 17: Line 18:
 
Contact us [[#Los Angeles Chapter]] for general questions relating to sponsorship and donations  
 
Contact us [[#Los Angeles Chapter]] for general questions relating to sponsorship and donations  
  
== Announcements  ==
+
== '''Announcements''' ==
  
*'''Change in Leadership'''
+
=== Change in Leadership ===
 
Tin Zaw has been a strong and effective visionary President and Leader for OWASP Los Angeles for several years. He will remain an active member of the Board, but effective January 1, 2013, Tin will be stepping down as Leader. Richard Greenberg -- Current Board Member, will assume this role going forward. We give our thanks to Tin for his efforts and dedication and look forward to the new year under Richard's leadership.
 
Tin Zaw has been a strong and effective visionary President and Leader for OWASP Los Angeles for several years. He will remain an active member of the Board, but effective January 1, 2013, Tin will be stepping down as Leader. Richard Greenberg -- Current Board Member, will assume this role going forward. We give our thanks to Tin for his efforts and dedication and look forward to the new year under Richard's leadership.
  
  
*'''http://img1.meetupstatic.com/892670376411449149876/img/header/logo.png
+
'''[http://www.meetup.com/OWASP-Los-Angeles/ http://img1.meetupstatic.com/892670376411449149876/img/header/logo.png]
===== We are on Meetup. Please join our community there. =====
+
==== We are on Meetup. Please join our community there. ====
 +
===== If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer. =====
  
 
===== http://www.meetup.com/OWASP-Los-Angeles/ =====
 
===== http://www.meetup.com/OWASP-Los-Angeles/ =====
  
 
+
<br>
 
+
== '''OWASP Mailing List'''==
*'''OWASP Mailing List'''
+
 
===== Sign up for the OWASP Los Angeles mailing list, very low volume and spam free.  =====
 
===== Sign up for the OWASP Los Angeles mailing list, very low volume and spam free.  =====
  
Line 37: Line 38:
 
<br>  
 
<br>  
  
== Next Meeting  January 23, 7PM:==  
+
== '''Next Meeting  February 20, 7PM:'''==  
 
*'''At: Symantec Offices'''
 
*'''At: Symantec Offices'''
  
 
*900 Corporate Pointe, Culver City, CA 90230
 
*900 Corporate Pointe, Culver City, CA 90230
  
 +
*Note the change in date, due to RSA
  
== Speaker: Jim Manico from Whitehat Security==
 
*'''Abstract: Top Ten Web Defenses'''
 
  
We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Website developers must learn to code in a secure fashion to have any chance of providing organizations with proper defenses in the current threat-scape. The session will provide specific tips and guidelines to make website code both low risk and less vulnerable.
 
  
*'''Bio:''' Jim Manico
+
== '''Speaker: iMan Louis''' ==
Jim is the VP of Security Architecture for WhiteHat Security. Jim is also the host of the OWASP Podcast Series, is the committee chair of the OWASP Connections Committee, is the project manager of the OWASP Cheatsheet series, and is a significant contributor to several additional OWASP projects. Jim provides secure coding and developer awareness training for WhiteHat Security using his 8+ years of experience delivering developer-training courses for SANS, Aspect Security and others. He brings 16 years of database-driven Web software development and analysis experience to WhiteHat and OWASP as well. Jim works on the beautiful island of Kauai, Hawaii where he lives with his wife Tracey.
+
*''' Abstract: Secure Password Storage Practices '''
 +
(or Why "Hashing + Salting != Secure Passwords")
  
== Sponsor: Whitehat Security==
+
Many web applications require passwords that are hard for users to remember, cumbersome to type, yet easy for hackers to crack. With affordable, lightning-fast hardware aiding hackers, we have recently seen a number of large organizations in the news for user-password security failures. Join us as we discuss common attacks on password lists/tables as well as some password storage practices that can make any cracking attempts not worth the attackers’ time.
Founded in 2001 and headquartered in Santa Clara, California, WhiteHat Security provides end-to-end solutions for Web security. The company's cloud technology platform and leading security engineers turn verified security intelligence into actionable insights for customers. Through a combination of core products and strategic partnerships, WhiteHat Security provides complete Web security at a scale unmatched in the industry. WhiteHat Sentinel, the company's flagship product line, manages thousands of websites --
+
 
including sites in the most regulated industries as well as top ecommerce, finance and healthcare companies.
+
 
www.whitehatsec.com
+
*'''Bio: iMan Louis '''
 +
iMan is a Senior Consultant with Cigital Inc., where he conducts security code reviews, ethical hacking, and web application security assessments for some of the largest global corporations. He has also developed courseware for Cigital's Defensive Programming course series and delivered instructor-led training for many years. He brings 12 years of experience in software development and application security. iMan has recently moved from San Francisco to the Greater L.A. area and is looking forward to being an active member of our L.A. OWASP chapter.
 +
 
 +
 
 +
== '''Sponsors: Arxan Technologies and Cigital'''==
 +
''' Arxan Technologies '''
 +
 
 +
Sharing thought leadership & best practices on mobile apps security.
 +
 
 +
MOBILE APPLICATION PROTECTION
 +
Application Security for Digital Media, Enterprise, Financial Institutions, Gaming, Software Publishers and more.
 +
 
 +
WORLD LEADER IN PROTECTING THE APP ECONOMY
 +
Security for Mobile, Desktop, Embedded and Server Applications.
 +
 
 +
ACTIVE CONTENT PROTECTION TO SECURE PREMIUM CONTENT AND DIGITAL MEDIA APPLICATIONS
 +
 
 +
ANTI-TAMPER, ANTI-PIRACY SOFTWARE PROTECTION
 +
Prevent lost revenue and compromise of intellectual property from hacker attacks in global markets
 +
 
 +
 
 +
''' Cigital '''
 +
 
 +
The world’s largest consulting firm specializing in software security
 +
 
 +
Cigital, Inc is the global leader in helping organizations design, build, and maintain secure software. Our unique expertise, technologies, and training services are a culmination of over twenty years of research and thousands of successful software security consulting engagements at leading public and private organizations throughout the world.
  
  
Line 60: Line 85:
 
<br>
 
<br>
  
<br>
 
 
== Would you like to speak at an OWASP Los Angeles Meeting? ==  
 
== Would you like to speak at an OWASP Los Angeles Meeting? ==  
  
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to [mailto:tin.zaw@owasp.org Tin Zaw]. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.  
+
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to [mailto:richard.greenberg@owasp.org Richard Greenberg]. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.  
  
 
<br>  
 
<br>  
  
== Other Events  ==
+
== '''Other Events''' ==
 
*'''ISSA Los Angeles Monthly Meeting'''
 
*'''ISSA Los Angeles Monthly Meeting'''
        Special Discount for OWASP Members
+
        Special Discount for OWASP Members
         WEDNESDAY, January  16, 2013 11:30 AM - 1:45 PM
+
         WEDNESDAY, Feb 20, 2013 11:30 AM - 1:45 PM
 
         at Les Freres Taix French Restaurant
 
         at Les Freres Taix French Restaurant
 
         1911 West Sunset Blvd., LA, Ca 90026
 
         1911 West Sunset Blvd., LA, Ca 90026
Line 76: Line 100:
 
         issala.org
 
         issala.org
  
*'''OWASP Orange County Q1 Meeting'''
+
*''' [http://www.issala.org/summit/ Early Bird Registration now open for the ISSA LA Security Summit May 21 at the Universal City Hilton] '''
        January 17 6PM
+
        Topic: Putting your robots to work: security automation at Twitter
+
        Presenter: Neil Matatall and Justin Collins
+
        http://www.meetup.com/OWASP-OC/events/96085252/
+
  
  
Line 107: Line 127:
  
 
Volunteer OWASP Leaders: Yev Avidon and Mikhael Felker  <br>
 
Volunteer OWASP Leaders: Yev Avidon and Mikhael Felker  <br>
Los Angeles chapter was founded by Cassio Goldschmidt.  
+
The Los Angeles chapter was founded by Cassio Goldschmidt.  
  
 
<br>The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!  
 
<br>The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!  

Revision as of 05:00, 9 February 2013

Contents

Welcome to the Los Angeles Chapter!

Sponsors and Supporters Donate Here

https://www.cvent.com/events/owasp-sponsorship-and-donation/registration-99bc1441e2684ff5b214b0df6b3a9ae3.aspx

Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission

Get the following benefits::

- Meet upwards of 60-90 potential new clients
- Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi) 
- Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
- Have a table at local chapter meeting 
- Promote your products and services
- Bring a raffle prize to gather business cards

Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations

Announcements

Change in Leadership

Tin Zaw has been a strong and effective visionary President and Leader for OWASP Los Angeles for several years. He will remain an active member of the Board, but effective January 1, 2013, Tin will be stepping down as Leader. Richard Greenberg -- Current Board Member, will assume this role going forward. We give our thanks to Tin for his efforts and dedication and look forward to the new year under Richard's leadership.


logo.png

We are on Meetup. Please join our community there.

If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/


OWASP Mailing List

Sign up for the OWASP Los Angeles mailing list, very low volume and spam free.
https://lists.owasp.org/mailman/listinfo/owasp-losangeles


Next Meeting February 20, 7PM:

  • At: Symantec Offices
  • 900 Corporate Pointe, Culver City, CA 90230
  • Note the change in date, due to RSA


Speaker: iMan Louis

  • Abstract: Secure Password Storage Practices

(or Why "Hashing + Salting != Secure Passwords")

Many web applications require passwords that are hard for users to remember, cumbersome to type, yet easy for hackers to crack. With affordable, lightning-fast hardware aiding hackers, we have recently seen a number of large organizations in the news for user-password security failures. Join us as we discuss common attacks on password lists/tables as well as some password storage practices that can make any cracking attempts not worth the attackers’ time.


  • Bio: iMan Louis

iMan is a Senior Consultant with Cigital Inc., where he conducts security code reviews, ethical hacking, and web application security assessments for some of the largest global corporations. He has also developed courseware for Cigital's Defensive Programming course series and delivered instructor-led training for many years. He brings 12 years of experience in software development and application security. iMan has recently moved from San Francisco to the Greater L.A. area and is looking forward to being an active member of our L.A. OWASP chapter.


Sponsors: Arxan Technologies and Cigital

Arxan Technologies

Sharing thought leadership & best practices on mobile apps security.

MOBILE APPLICATION PROTECTION Application Security for Digital Media, Enterprise, Financial Institutions, Gaming, Software Publishers and more.

WORLD LEADER IN PROTECTING THE APP ECONOMY Security for Mobile, Desktop, Embedded and Server Applications.

ACTIVE CONTENT PROTECTION TO SECURE PREMIUM CONTENT AND DIGITAL MEDIA APPLICATIONS

ANTI-TAMPER, ANTI-PIRACY SOFTWARE PROTECTION Prevent lost revenue and compromise of intellectual property from hacker attacks in global markets


Cigital

The world’s largest consulting firm specializing in software security

Cigital, Inc is the global leader in helping organizations design, build, and maintain secure software. Our unique expertise, technologies, and training services are a culmination of over twenty years of research and thousands of successful software security consulting engagements at leading public and private organizations throughout the world.


Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.


Other Events

  • ISSA Los Angeles Monthly Meeting
       Special Discount for OWASP Members
       WEDNESDAY, Feb 20, 2013 11:30 AM - 1:45 PM
       at Les Freres Taix French Restaurant
       1911 West Sunset Blvd., LA, Ca 90026
       (213) 484-1265
       issala.org


Archives of Previous Meetings

2012 Meetings

2011 Meetings

2010 Meetings

2009 Meetings

2008 Meetings

List of presentations available from past meetings


Los Angeles Chapter

Volunteer OWASP Leaders: Yev Avidon and Mikhael Felker
The Los Angeles chapter was founded by Cassio Goldschmidt.


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!

Web archive: http://2010.AppSecUSA.org

Videos: http://vimeo.com/user4863863/videos

AppSec Logo.jpg