Difference between revisions of "Los Angeles"

From OWASP
Jump to: navigation, search
(9 intermediate revisions by the same user not shown)
Line 44: Line 44:
 
== '''Next OWASP Meeting'''==
 
== '''Next OWASP Meeting'''==
 
''**NOTE: Date for this event **''
 
''**NOTE: Date for this event **''
==''' 7pm April 23, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230'''==
+
==''' 7pm May 28, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230'''==
  
   '''Topic:  Stop Chasing Vulnerabilities – Getting Started with Continuous Application Security'''
+
   '''Topic:  Cloud Security Through Threat Modeling
For too long, application security has been “experts-only” and practiced one-app-at-a-time. But modern software development, both technology and process, is mostly incompatible with this old approach and legacy appsec tools.  Software development has been transformed by practices like Continuous Integration and Continuous Integration, and the time has come to bring these efficiencies to security.  In this talk, Jeff will show you how you can transition to a “Continuous Application Security” approach that generates assurance automatically across an entire application security portfolio. Jeff will demonstrate how both open-source and commercial tools (including OWASP ZAP, Mozilla’s Minion, Gauntlt, and others) can be integrated to provide a comprehensive real time application security dashboard.  With this approach, we can leverage the power of big data analytics to gain unprecedented insight into enterprise application security and finally focus on enterprise application security strategy rather than simply chasing the next XSS.
+
  
   '''Speaker: Jeff Williams'''
+
One of the most effective tools developers can implement in their
Jeff Williams has over 20 years of experience in software development and security. Jeff is a founder and CTO of Contrast Security, offering a revolutionary application security technology that accurately identifies vulnerabilities at portfolio scale without requiring experts. Prior to founding Contrast, Jeff was a founder and CEO at Aspect Security. In addition, Jeff helped found the OWASP Foundation where he served as the Global Chair for 8 years and created many open-source standards, tools, libraries, and guidelines – including the OWASP Top Ten.  
+
security development lifecycle programs is threat modeling. Robert will
 +
discuss how effective threat modeling techniques enable developers to
 +
uncover security vulnerabilities before code is even written. Together
 +
they will reveal how threat modeling also applies to cloud environments.
 +
Whether building a hybrid model, purely commodity cloud, or Virtual
 +
Private Cloud (VPC) environment, threat modeling helps identify the
 +
attack surface area and likely threat vectors. Finally, they will explain
 +
to attendees that threat modeling allows developers and operations
 +
personnel to address vulnerabilities as enterprises migrate to the cloud.
 +
 
 +
   '''Speaker:   Robert Zigweid
 +
 
 +
Robert Zigweid As an IOActive Director of Services, Robert Zigweid is responsible to both perform and ensure quality on engagements, working with clients to discover and solve network and application problems that threaten their business goals and assets. Mr. Zigweid is an accomplished developer and application tester, with advanced skills in the creation and analysis of systems architecture and threat modeling.
 +
 
 +
In addition to his direct efforts on penetration tests, security reviews,
 +
and network and application audits, Mr. Zigweid frequently contributes to
 +
the advancement of more stable, secure systems through his research and
 +
development. His research‹and the resultant presentations at top industry
 +
conferences‹furthers the formal understanding of application and network
 +
security for audiences at varying levels of technical fluency.
 +
 
 +
Mr. Zigweid also helped develop IOActive's secure coding and Software
 +
Development Lifecycle training courses, sharing his deep understanding of
 +
industry best practices and guidelines to help our clients develop
 +
applications capable of resisting both internal and external threats.  
  
 
== '''Sponsor: Contrast Security'''==
 
== '''Sponsor: Contrast Security'''==
  
[[Image:Contrastlogo.jpg | 100px |thumb|center|link=http://www1.contrastsecurity.com/]]
+
[[Image:Contrastlogo.jpg | 100px |thumb|center|link=http://www.contrastsecurity.com/]]
 
   
 
   
  
Line 70: Line 93:
 
<!-- *''' [http://appseccali.org/ OWASP AppSec California Summit January 27-28, 2014-] ''' -->
 
<!-- *''' [http://appseccali.org/ OWASP AppSec California Summit January 27-28, 2014-] ''' -->
 
<!-- *''' February 19, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230''' -->
 
<!-- *''' February 19, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230''' -->
*''' March 19, 2014: Joint Dinner Meeting with ISSA'''
+
<!-- *''' March 19, 2014: Joint Dinner Meeting with ISSA''' -->
*'''April 23, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230'''
+
*'''May 28, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230'''
 +
    '''Topic: Cloud Security Through Threat Modeling'''
 +
    '''Speaker: Robert Zigweid'''  
  
 
== '''Other Events'''  ==
 
== '''Other Events'''  ==
  
*''' [http://issa-la-feb2014.eventbrite.com/ ISSA-LA February 19, 2014 lunch meeting at Taix French Restaurant - Wednesday, February 19, 2014 11:30am - 1:45pm ] '''
+
<!-- *''' [https://www.eventbrite.com/e/issa-la-april-lunch-meeting-tickets-11075766917?ref=ebtnebregn ISSA-LA April lunch meeting at Taix French Restaurant - Wednesday, April 16, 2014 11:30am - 1:45pm ] '''
 
+
  '''Topic: Hacking Information Security Management'''
*'''Topic: Defending against the largest DDoS attack in history and recent trends in DDoS'''
+
  '''Speaker: Mikhael Felker, Director of Security & Compliance for ReachLocal'''  
 
+
<br> -->
*'''Speaker: Matthew Prince – CEO, CloudFlare'''
+
 
+
 
*''' [http://www.issala.org/summit-vi-may-2014/ ISSA-LA 6th Annual Information Security Summit - Friday, May 16, 2014 at Universal City] '''
 
*''' [http://www.issala.org/summit-vi-may-2014/ ISSA-LA 6th Annual Information Security Summit - Friday, May 16, 2014 at Universal City] '''
  
Line 110: Line 133:
 
*[mailto:tin.zaw@owasp.org Tin Zaw] -- Board Member
 
*[mailto:tin.zaw@owasp.org Tin Zaw] -- Board Member
 
*[mailto:edward@owasp.org Edward Bonver] -- Board Member
 
*[mailto:edward@owasp.org Edward Bonver] -- Board Member
*[mailto:Kelly.Fitzgerald@owasp.org Kelly Fitzgerald] -- Board Member  
+
*[mailto:mike.francis@owasp.org Mike Francis] -- Board Member  
 
*[mailto:Stuart.Schwartz@owasp.org Stuart Schwartz] -- Board Member  
 
*[mailto:Stuart.Schwartz@owasp.org Stuart Schwartz] -- Board Member  
*Mike Francis -- Board Member  
+
*[mailto:aaron.guzman@owasp.org Aaron Guzman] -- Board Member  
*Dave W. -- Board Member  
+
*[mailto:dave.wettenstein@owasp.org Dave Wettenstein] -- Board Member
  
 
Volunteers: Yev Avidon and Mikhael Felker  <br>
 
Volunteers: Yev Avidon and Mikhael Felker  <br>
OWASP Wiki: Mike Francis <br>
+
OWASP Wiki: [mailto:mike.francis@owasp.org Mike Francis] <br>
 
The Los Angeles chapter was founded by Cassio Goldschmidt.  
 
The Los Angeles chapter was founded by Cassio Goldschmidt.  
  

Revision as of 08:25, 28 April 2014

Welcome to the Los Angeles Chapter!

Donatenow.jpg

Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission

Get the following benefits::

- Meet upwards of 60-90 potential new clients
- Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi) 
- Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting.
- Have a table at local chapter meeting 
- Promote your products and services
- Bring a raffle prize to gather business cards

Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations

Announcements

OWASP Los Angeles received the BEST Chapter Leaders award at AppSec USA NY


logo.png

We are on Meetup. Please join our community there.

If you are unable to access Meetup from your work computer as a result of filtering of social sites, we recommend that you view it on your smart phone or via your personal computer.
http://www.meetup.com/OWASP-Los-Angeles/


Become an OWASP Member TODAY

Support your LA Chapter: only $50 for the entire year!
https://www.owasp.org/index.php/Individual_Member


2013 December Holiday Party at Daily Grill in LA

Holiday.jpg


Next OWASP Meeting

**NOTE: Date for this event **

7pm May 28, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230

  Topic:  Cloud Security Through Threat Modeling

One of the most effective tools developers can implement in their security development lifecycle programs is threat modeling. Robert will discuss how effective threat modeling techniques enable developers to uncover security vulnerabilities before code is even written. Together they will reveal how threat modeling also applies to cloud environments. Whether building a hybrid model, purely commodity cloud, or Virtual Private Cloud (VPC) environment, threat modeling helps identify the attack surface area and likely threat vectors. Finally, they will explain to attendees that threat modeling allows developers and operations personnel to address vulnerabilities as enterprises migrate to the cloud.

  Speaker:   Robert Zigweid

Robert Zigweid As an IOActive Director of Services, Robert Zigweid is responsible to both perform and ensure quality on engagements, working with clients to discover and solve network and application problems that threaten their business goals and assets. Mr. Zigweid is an accomplished developer and application tester, with advanced skills in the creation and analysis of systems architecture and threat modeling.

In addition to his direct efforts on penetration tests, security reviews, and network and application audits, Mr. Zigweid frequently contributes to the advancement of more stable, secure systems through his research and development. His research‹and the resultant presentations at top industry conferences‹furthers the formal understanding of application and network security for audiences at varying levels of technical fluency.

Mr. Zigweid also helped develop IOActive's secure coding and Software Development Lifecycle training courses, sharing his deep understanding of industry best practices and guidelines to help our clients develop applications capable of resisting both internal and external threats.

Sponsor: Contrast Security

Contrastlogo.jpg


Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/


Would you like to speak at an OWASP Los Angeles Meeting?

Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg OR Stuart Schwartz. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.


Upcoming OWASP Meetings

  • May 28, 2014 at Symantec offices, 900 Corporate Pointe, Culver City, CA 90230
   Topic: Cloud Security Through Threat Modeling
   Speaker: Robert Zigweid 

Other Events


Archives of Previous Meetings

2014 Meetings

2013 Meetings

2012 Meetings

2011 Meetings

2010 Meetings

2009 Meetings

2008 Meetings

Presentation Archive


Los Angeles Chapter

Volunteers: Yev Avidon and Mikhael Felker
OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.


The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!


Web archive: http://2010.AppSecUSA.org

Videos: http://vimeo.com/user4863863/videos

AppSec Logo.jpg