Difference between revisions of "Los Angeles"

From OWASP
Jump to: navigation, search
(34 intermediate revisions by 2 users not shown)
Line 19: Line 19:
 
== '''Announcements'''  ==
 
== '''Announcements'''  ==
  
=== Mark Your Calendars: Silicon Beach OWASP Summit January 27-28, 2014 ===
+
=== ''' [http://appseccali.org/ Mark Your Calendars: OWASP AppSec California Summit January 27-28, 2014-] ===
  
=== Change in Leadership ===
 
Tin Zaw has been a strong and effective visionary President and Leader for OWASP Los Angeles for several years. He will remain an active member of the Board, but effective January 1, 2013, Tin will be stepping down as Leader. Richard Greenberg -- Current Board Member, will assume this role going forward. We give our thanks to Tin for his efforts and dedication and look forward to the new year under Richard's leadership.
 
  
 +
=== [https://www.owasp.org/index.php/WASPY_Awards_2013 Los Angeles OWASP Chapter Board Nominated for Best Chapter Leader] ===
 +
We have been nominated for the 2013 Global WASPY Awards, and are humbled to share this honor with the leading web application security professionals in the world.
 +
Join OWASP and become a member and show your support by casting your vote!
 +
 +
<br>
 +
===[[OWASP Los Angeles nominated for BEST CHAPTER LEADER]]===
 +
<br>
  
 
'''[http://www.meetup.com/OWASP-Los-Angeles/ http://img1.meetupstatic.com/892670376411449149876/img/header/logo.png]
 
'''[http://www.meetup.com/OWASP-Los-Angeles/ http://img1.meetupstatic.com/892670376411449149876/img/header/logo.png]
Line 39: Line 44:
 
<br>  
 
<br>  
  
== '''Next Meeting Wednesday, July 24, 2013 7PM @ Symantec Offices, 900 Corporate Pointe, Culver City, CA 90230'''==  
+
== '''Next Meeting [https://issaladinnermeeting.eventbrite.com/ OWASP-ISSA Joint Monthly Meeting-] Wednesday September 18, 2013 7PM '''==  
 +
@ [http://maps.google.com/maps?q=11301+Olympic+Blvd.+%23204%2C+West+Los+Angeles%2C+CA The Olympic Collection Banquet & Conference Center 11301 Olympic Blvd. #204, West Los Angeles, CA ]
  
*''' Topic: Security of Mobile Ad Hoc and Wireless Sensor Networks'''
+
'''Speaker''': Jerry Hoff'''<br>
 +
Whitehat Security, VP, Static Code Analysis Division; Managing Partner / Co-Founder, INFRARED SECURITY; Former Developer Security Consulting & FTE Across The Board; Over 10,000 Hours Delivering Technical Training; MS In Computer Science, Washington University
  
*''' Speaker: '''Edward Bonver, CISSP, CSSLP'''
+
'''Topic''': Demonstration of Common Web Vulnerabilities using WebGoat.NET'''<br>
 +
Developers cannot defend against unknown threats.  Understanding vulnerabilities and security controls is an absolute necessity – not only for developers, but for Architects, QA and anyone else involved in the creation of software. This talk starts by making a strong argument for developer education, and how it fits into any organization’s SDLC. From there, we discuss other OWASP resources and projects dedicated to developer education, and an in-depth discussion of OWASP WebGoat.NET – an ASP.NET specific re-design of OWASP which meets the needs and addresses the challenges of modern application security training programs.
 +
<br>
 +
<br>
  
Edward Bonver, CISSP, CSSLP
+
== '''Sponsor: Checkmarx and Trend Micro'''==
Senior Principal Software Engineer
+
Product Security Team, Office of the CTO
+
Symantec Corporation
+
  
== '''Sponsor: Symantec Corporation'''==
+
[[Image:Chx.png |link=http://www.checkmarx.com/]]
 +
<br>
 +
Checkmarx provides the best way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk.
  
[[Image:symantec.gif |link=http://http://www.symantec.com]]
+
The product enables developers and auditors to easily scan un-compiled / un-built code in all major coding languages and identify its security vulnerabilities.
  
Symantec was founded in 1982 by visionary computer scientists. The company has evolved to become one of the world’s largest software companies with more than 18,500 employees in more than 50 countries. They provide security, storage and systems management solutions to help their customers – from consumers and small businesses to the largest global organizations – secure and manage their information-driven world against more risks at more points, more completely and efficiently than any other company.
+
Static Code Analysis (SCA) delivers security and the requirement of incorporating security into the software development lifecycle (SDLC). It is the only proven method to cover the entire code base and identify all the vulnerable areas in the software. In static code analysis the entire code base is abstracted and all code properties and code data-flows are exposed.
 +
 
 +
With Checkmarx's CxSuite, auditors and developers have immediate access to the code analysis results and remediation advice. We provide user friendly, high productivity, flexible and accurate risk intelligence platform that ensures your application remains hacker-proof.
 +
 
 +
[[Image:Iab120x90_1855632.jpeg | link=http://www.trendmicro.com/]]
 +
<br>
 +
Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information.  Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud.
 +
 
 +
Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem.  Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
 +
 
 +
All of their solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.  For more information, visit www.trendmicro.com.
  
 
===== Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/ =====
 
===== Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/ =====
Line 61: Line 80:
 
== Would you like to speak at an OWASP Los Angeles Meeting? ==  
 
== Would you like to speak at an OWASP Los Angeles Meeting? ==  
  
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to [mailto:richard.greenberg@owasp.org Richard Greenberg]. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.  
+
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to [mailto:richard.greenberg@owasp.org Richard Greenberg] OR [mailto:Stuart.Schwartz@owasp.org Stuart Schwartz]. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.  
  
 
<br>  
 
<br>  
Line 67: Line 86:
 
== '''Other Events'''  ==
 
== '''Other Events'''  ==
  
*''' [http://issa-lajulylunchmeeting.eventbrite.com/ ISSA LA Monthly Meeting -July 17, 2013-]
+
*''' [http://www.bsidesoc.org FIRST B-Sides Orange County Conference - Friday, October 4th, 2013 10:30 am - 5:00 pm ]
'''Topic''': HACKTIVISM: security leaks and moral outrage'''<br>
+
<br>
'''Speaker''': David Perry'''<br>
+
 
+
 
+
*''' [http://www.meetup.com/OWASP-OC/ OWASP Orange County Monthly Meeting -July 18, 2013-]
+
'''Topic''': TBD'''<br>
+
'''Speaker''': TBD'''<br>
+
 
+
  
 
*''' [http://www.appsecusa.org/2013/ AppSec USA 2013, NYC November 18-21 at Marriott, NYC] '''
 
*''' [http://www.appsecusa.org/2013/ AppSec USA 2013, NYC November 18-21 at Marriott, NYC] '''
 
AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices.
 
AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices.
  
 
+
*''' [http://appseccali.org/ OWASP AppSec California Summit January 27-28, 2014-] '''
=== Silicon Beach OWASP Summit January 27-28, 2014 === 
+
<br>
 
+
  
 
== Archives of Previous Meetings  ==
 
== Archives of Previous Meetings  ==
Line 97: Line 108:
 
[[Los Angeles/2008 Meetings|2008 Meetings]]  
 
[[Los Angeles/2008 Meetings|2008 Meetings]]  
  
[[Los Angeles Presentation Archive|List of presentations available from past meetings]] <!--A list of previous presentations conducted at the Los Angeles Chapter can be found [https://www.owasp.org/index.php/Los_Angeles_Previous_Presentations here].-->  
+
[[Los Angeles Presentation Archive | Presentation Archive ]] <!--A list of previous presentations conducted at the Los Angeles Chapter can be found [https://www.owasp.org/index.php/Los_Angeles_Previous_Presentations here].-->  
  
 
<br>  
 
<br>  

Revision as of 14:18, 13 September 2013

Contents

Welcome to the Los Angeles Chapter!

Donatenow.jpg

Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission

Get the following benefits::

- Meet upwards of 60-90 potential new clients
- Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi) 
- Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
- Have a table at local chapter meeting 
- Promote your products and services
- Bring a raffle prize to gather business cards

Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations

Announcements

Mark Your Calendars: OWASP AppSec California Summit January 27-28, 2014-

Los Angeles OWASP Chapter Board Nominated for Best Chapter Leader

We have been nominated for the 2013 Global WASPY Awards, and are humbled to share this honor with the leading web application security professionals in the world. Join OWASP and become a member and show your support by casting your vote!


OWASP Los Angeles nominated for BEST CHAPTER LEADER


logo.png

We are on Meetup. Please join our community there.

If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/


Become an OWASP Member TODAY

Support your LA Chapter: only $50 for the entire year!
https://www.owasp.org/index.php/Individual_Member


Next Meeting OWASP-ISSA Joint Monthly Meeting- Wednesday September 18, 2013 7PM

@ The Olympic Collection Banquet & Conference Center 11301 Olympic Blvd. #204, West Los Angeles, CA

Speaker: Jerry Hoff
Whitehat Security, VP, Static Code Analysis Division; Managing Partner / Co-Founder, INFRARED SECURITY; Former Developer Security Consulting & FTE Across The Board; Over 10,000 Hours Delivering Technical Training; MS In Computer Science, Washington University

Topic: Demonstration of Common Web Vulnerabilities using WebGoat.NET
Developers cannot defend against unknown threats. Understanding vulnerabilities and security controls is an absolute necessity – not only for developers, but for Architects, QA and anyone else involved in the creation of software. This talk starts by making a strong argument for developer education, and how it fits into any organization’s SDLC. From there, we discuss other OWASP resources and projects dedicated to developer education, and an in-depth discussion of OWASP WebGoat.NET – an ASP.NET specific re-design of OWASP which meets the needs and addresses the challenges of modern application security training programs.

Sponsor: Checkmarx and Trend Micro

Chx.png
Checkmarx provides the best way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk.

The product enables developers and auditors to easily scan un-compiled / un-built code in all major coding languages and identify its security vulnerabilities.

Static Code Analysis (SCA) delivers security and the requirement of incorporating security into the software development lifecycle (SDLC). It is the only proven method to cover the entire code base and identify all the vulnerable areas in the software. In static code analysis the entire code base is abstracted and all code properties and code data-flows are exposed.

With Checkmarx's CxSuite, auditors and developers have immediate access to the code analysis results and remediation advice. We provide user friendly, high productivity, flexible and accurate risk intelligence platform that ensures your application remains hacker-proof.

Iab120x90 1855632.jpeg
Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud.

Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of their solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe. For more information, visit www.trendmicro.com.

Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg OR Stuart Schwartz. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.


Other Events


AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices.


Archives of Previous Meetings

2013 Meetings

2012 Meetings

2011 Meetings

2010 Meetings

2009 Meetings

2008 Meetings

Presentation Archive


Los Angeles Chapter

Volunteers: Yev Avidon and Mikhael Felker
Volunteer OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!

Web archive: http://2010.AppSecUSA.org

Videos: http://vimeo.com/user4863863/videos

AppSec Logo.jpg