- 1 Welcome to the Los Angeles Chapter!
- 2 Announcements
- 2.1 Mark Your Calendars: OWASP AppSec California Summit January 27-28, 2014-
- 2.2 Los Angeles OWASP Chapter Nominated for Best Chapter Leader
- 3 Become an OWASP Member TODAY
- 4 Next Meeting Wednesday, August 28, 2013 7PM @ Symantec Offices, 900 Corporate Pointe, Culver City, CA 90230
- 5 Sponsor: SecureAuth
- 6 Would you like to speak at an OWASP Los Angeles Meeting?
- 7 Other Events
- 8 Archives of Previous Meetings
- 9 Los Angeles Chapter
Welcome to the Los Angeles Chapter!
Single Meeting Supporter: Organizations that wish to support the OWASP Los Angeles Chapter with a 100% tax deductible donation enable the OWASP Foundation to continue its mission
Get the following benefits::
- Meet upwards of 60-90 potential new clients - Be recognized as a local supporter by posting your company logo on the local chapter page and on our Meetup site(Image size for logos: gif, jpg or png with a size of 150px X 45px at 72dpi or 55px X 80px at 72dpi) - Have your marketing write-up included in e-mail blasts sent prior to a monthly meeting. - Have a table at local chapter meeting - Promote your products and services - Bring a raffle prize to gather business cards
Contact us #Los Angeles Chapter for general questions relating to sponsorship and donations
Los Angeles OWASP Chapter Nominated for Best Chapter Leader
We have been nominated for the 2013 Global WASPY Awards, and are humbled to share this honor with the leading web application security professionals in the world. Best Chapter Leaders
We are on Meetup. Please join our community there.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year!
Next Meeting Wednesday, August 28, 2013 7PM @ Symantec Offices, 900 Corporate Pointe, Culver City, CA 90230
- Topic: Layer 7 DDos Attacks
In this talk we will examine different DoS attack techniques used against cloud services. Many attacks discussed in the presentation target the application layer of the service, are highly efficient and asymmetric. In some cases, a single HTTP request of less than 50 bytes is sufficient to knock out a server until reboot. In addition to describing the attacks, we will also investigate the application design issues that lead to vulnerability, and demonstrate coding fixes as well as cloud based defenses that can be used to mitigate the problem.
- Speaker: Cassio Goldschmidt is a former president of the OWASP Los Angeles Chapter
Cassio Goldschmidt is a globally recognized application security leader with strong background in both product and program-level security. Outside work, Cassio is known for his contributions to Open Web Application Security Project (OWASP), Software Assurance Forum for Excellence in Code (SAFECode), the Common Weakness Enumeration (CWE)/SysAdmin, Audit, Network, Security (SANS) Top 25 Most Dangerous Software Errors, along with contributing to the security education curriculum of numerous universities and helping to create International Information Systems Security Certification Consortium (ISC)2’s Certified Secure Software Lifecycle Professional (CSSLP) certification.
Cassio was one of the three finalist in the first (ISC)² Americas Information Security Leadership (ISLA) Awards 2011 in the Information Security Practitioner category and endowed with the special Community Service Star award during the same occasion. In 2012 Cassio was selected as one of the finalist for the OWASP Web Application Security Person of the Year (WASPY) Award. Cassio holds a number of US patents and is an accomplished writer and presenter in the field of application security.
SecureAuth offers Mobile, Web, and Identity Access Mgmt, including single signon (SSO) and 2-factor authentication for cloud, mobile, and network applications.
Please RSVP here: http://www.meetup.com/OWASP-Los-Angeles/events/
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Richard Greenberg. The talk must be vendor neutral and its content be available under Creative Common 3.0 license.
Speaker: Christopher Elisan
Topic: Malware Automation
Automation is key when it comes to production. The same is true for malware. Malware production has moved on from the traditional manual method to a more efficient automated assembly line. In this talk, I will take the audience on an over-the-shoulder look at how attackers automate malware production. Discussion will focus on the tools and methodologies the attackers use to produce thousands of malware on a daily basis. The talk will then conclude with a live demonstration of how malware is produced in an automated fashion.
Speaker: Jerry Hoff
Topic: Demonstration of Common Web Vulnerabilities using WebGoat.NET
Developers cannot defend against unknown threats. Understanding vulnerabilities and security controls is an absolute necessity – not only for developers, but for Architects, QA and anyone else involved in the creation of software. This talk starts by making a strong argument for developer education, and how it fits into any organization’s SDLC. From there, we discuss other OWASP resources and projects dedicated to developer education, and an in-depth discussion of OWASP WebGoat.NET – an ASP.NET specific re-design of OWASP which meets the needs and addresses the challenges of modern application security training programs.
AppSec USA is a world-class software security conference for technologists, auditors, risk managers, and entrepreneurs, gathering the world's top practitioner, to share the latest research and practices.
Archives of Previous Meetings
Los Angeles Chapter
- Richard Greenberg -- Chapter Leader and President
- Tin Zaw -- Board Member
- Edward Bonver -- Board Member
- Kelly Fitzgerald -- Board Member
- Stuart Schwartz -- Board Member
Volunteers: Yev Avidon and Mikhael Felker
Volunteer OWASP Wiki: Mike Francis
The Los Angeles chapter was founded by Cassio Goldschmidt.
The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!
Web archive: http://2010.AppSecUSA.org