Difference between revisions of "New Jersey"

From OWASP
Jump to: navigation, search
(PRIMARY SPONSOR: [http://aboutus.vzw.com/aboutusoverview.html VERIZON WIRELESS])
Line 1: Line 1:
 
{{Chapter Template|chaptername=NY/NJ |extra= | mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-newjersey|emailarchives=http://lists.owasp.org/pipermail/owasp-newjersey}}   
 
{{Chapter Template|chaptername=NY/NJ |extra= | mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-newjersey|emailarchives=http://lists.owasp.org/pipermail/owasp-newjersey}}   
  
==SEPTEMBER 6th MEETING==
+
==OCTOBER 25th MEETING==
OWASP supports Global Security Week (Sept. 3rd-9th) [http://www.globalsecurityweek.com/index.html Click Here More Info...]. In local support of this worldwide effort, the next NY/NJ OWASP Chapter meeting will be on <b> <u>September 6th 5:30pm-9:00pm </u></b>
+
Full Day, information security summit happening in New Jersey on October 25th. At this all day event, learn from industry experts on topics of information security.  There is no charge for this event. <b> <u>October 25th 9:00am-4:30pm </u></b>
  
===PRIMARY SPONSOR: [http://www.amex.com AMERICAN STOCK EXCHANGE]===
+
<CENTER> [http://fs7.formsite.com/OWASP/form185709121/index.html RSVP NOW] </CENTER>
Special thanks to OWASP Board Member: Doug Shin of the AMEX
+
<b>Meeting Address:</b> 86 Trinity Place, NY NY 10006 ~ [http://tinyurl.com/2c5ohu Directions]
+
 
+
<b>Event coSponsors:</b> [http://signacert.com SIGNACERT] ~~ [http://www.ouncelabs.com OUNCE LABS] ~~ [http://www.accessitgroup.com ACCESSIT] ~~ [http://www.fortifysoftware.com FORTIFY SOFTWARE] ~~ [http://www.cenzic.com CENZIC]
+
 
+
---
+
 
+
TOPIC: <b>Global Security Week Working Group</b> - [http://www.globalsecurityweek.com/html/global_initiatives.html GSW]
+
What is the current state of Privacy on Web Application Security?
+
What should we be focusing on?
+
 
+
Panel Leader: Tom Brennan [http://www.owasp.org OWASP NY/NJ Metro President]
+
 
+
---
+
 
+
TOPIC: <b>Why today's vulnerability assessments are failing and a case for industry standardization</b>
+
 
+
As organizations mature their information security capabilities they start to extend their requirements to their partners and providers.  Providing for the identification and management of information security issues are becoming part of contractual language. Vulnerability Assessment / ethical reports today are used today as one measurable data point to build a confidence in the status of other parties’ web applications and is generally an accepted set in due diligence.  The challenge today is these Vulnerability Assessments are inconsistent in scope & rigor, and reported in a form that makes them incomparable between institutions.  It is frequently impossible to understand what test design was used (black box/white box), what set of conditions were tested (OWASP top ten only, CVE, items found by common scanning tools, manually exercised conditions, etc) and how issues were rated for severity (CVSS, vendor provided, customer provided, etc).  A similar problem existed with information security assessments of operational and physical security at outsourced service providers used by financial institutions and was address by developing an “agreed upon procedures” approach to outline common things needed by institutions so that assessments could be done once by a neutral party and then reused. This presentation, while not offering the complete answer for application security testing, will attempt to outline the components needed for such a solution.
+
 
+
SPEAKER BIO: Mark Clancy is Senior Vice President at [http://www.citigroup.com Citigroup]
+
 
+
---
+
 
+
TOPIC: <b>Hackers...BotNets oh My!</b>
+
FBI Cybercrimes task force to discuss global status of BotNets.
+
 
+
SPEAKER BIO: Chris Stangel [http://newyork.fbi.gov/nyfohome.htm NYC FBI Cyber Crime Unit]
+
 
+
---
+
 
+
TOPIC: <b>OWASP Project JBroFuzz: Fuzzing for Network and Web Applications </b>
+
 
+
JBroFuzz is a OWASP stateless network protocol fuzzer that emerged from the
+
needs of penetration testing. This presentation will aim to illustrate
+
efficient ways of fuzzing in order to minimize the amount of time spent in
+
discovering application and network protocol vulnerabilities.
+
 
+
SPEAKER: Dr. Yiannis Pavlosoglou is a Security Project Manager at
+
[http://www.irmplc.com Information Risk Management]
+
 
+
---
+
 
+
TOPIC: <b>Stock fluctuation from an unrecognized influence. </b>
+
 
+
SPEAKER: Justine Bone - Aitel - [http://www.immunityinc.com Immunity Security]
+
 
+
---
+
 
+
<center><b> Meetings are FREE and open to the PUBLIC - </b>[http://fs7.formsite.com/OWASP/form185804020/index.html RSVP IS REQUESTED] </center>
+
 
+
<hr>
+
 
+
==OCTOBER 25th MEETING==
+
Full Day, information security summit happening in New Jersey on October 25th. At this all day event, learn from industry experts on topics of information security.  There is no charge for this event. <b> <u>October 25th 9:30am-4:30pm </u></b>
+
  
 
===PRIMARY SPONSOR: [http://aboutus.vzw.com/aboutusoverview.html VERIZON WIRELESS]===
 
===PRIMARY SPONSOR: [http://aboutus.vzw.com/aboutusoverview.html VERIZON WIRELESS]===
Special thanks to: Philip Varughese
+
Special thanks to: Philip Varughese of Verizon
 
<b>Meeting Address:</b> 295 N Maple Ave, Basking Ridge, NJ 07920 ~ [http://tinyurl.com/2vuh7f Directions]
 
<b>Meeting Address:</b> 295 N Maple Ave, Basking Ridge, NJ 07920 ~ [http://tinyurl.com/2vuh7f Directions]
  
 
<b>Event coSponsors:</b> [http://www.accessitgroup.com ACCESSIT] ~~ [http://www.cenzic.com CENZIC]
 
<b>Event coSponsors:</b> [http://www.accessitgroup.com ACCESSIT] ~~ [http://www.cenzic.com CENZIC]
~~ [http://www.archer-tech.com ARCHER TECHNOLOGIES]  ~~ [http://www.intrepidusgroup.com INTREPIDUS GROUP] ~~ [http://www.mandiant.com MANDIANT]
+
~~ [http://www.archer-tech.com ARCHER TECHNOLOGIES]  ~~ [http://www.intrepidusgroup.com INTREPIDUS GROUP] ~~ [http://www.mandiant.com MANDIANT] - want to be a co-sponsor? Call 973-202-0122
 +
 
 +
 
 
---
 
---
  
 
TOPIC: <b>Keynote</b>  
 
TOPIC: <b>Keynote</b>  
  
SPEAKER: Renato Delatorre, Verizon Wireless
+
SPEAKER: Renato Delatorre, [http://www.verizonwireless.com Verizon Wireless]
  
 
---
 
---
Line 76: Line 24:
 
TOPIC: <b>Social Engineering</b>  
 
TOPIC: <b>Social Engineering</b>  
  
SPEAKER: Kevin Mitnick
+
SPEAKER: Kevin Mitnick [http://www.kevinmitnick.com Mitnick Consulting]
  
 
---
 
---
Line 82: Line 30:
 
TOPIC: <b>ISO 27001 What is it... Why do you care?</b>
 
TOPIC: <b>ISO 27001 What is it... Why do you care?</b>
  
SPEAKER BIO: Mahi Dontamsetti
+
SPEAKER BIO: Mahi Dontamsetti [http://www.m3-security.net M3]
  
 
--  
 
--  
Line 92: Line 40:
 
--
 
--
  
TOPIC: <b>Internet Fraud - War Stories</b>
+
TOPIC: <b>Internet Fraud </b>  
  
SPEAKER BIO: Mike Esposito
+
SPEAKER BIO: Mike Esposito [http://www.enterprisesecuritysolutions.net ESS]
  
 
---
 
---
Line 101: Line 49:
  
 
SPEAKER BIO:  Richard Bowen
 
SPEAKER BIO:  Richard Bowen
 
+
[http://www.fortifysoftware.com Fortify]
 
--  
 
--  
  
 
TOPIC: <b>Mobile Security </b>
 
TOPIC: <b>Mobile Security </b>
  
SPEAKER: Philip Varughese, Corey Benninger  
+
SPEAKER: Philip Varughese, Corey Benninger [www.verizonwireless.com Verizon Wireless]
  
  
 +
---
  
--
+
<CENTER>[http://fs7.formsite.com/OWASP/form185709121/index.html RSVP NOW] </CENTER>
 
+
<center><b> Meetings are FREE and open to the PUBLIC - </b> </center>
+
  
 
<hr>
 
<hr>
Line 124: Line 71:
 
*<b>Vice President:</b> [mailto:pperfetti(at)nba.com Pete Perfetti]  
 
*<b>Vice President:</b> [mailto:pperfetti(at)nba.com Pete Perfetti]  
 
*<b>Secretary:</b> [mailto:santoniewicz(at)net2s.com Steve Antoniewicz]  
 
*<b>Secretary:</b> [mailto:santoniewicz(at)net2s.com Steve Antoniewicz]  
*<b>Treasurer:</b> [mailto:tom.ryan(at)providesecurity.com Tom Ryan]  
+
*<b>Treasurer:</b> [mailto:mdontamsetti(at)gmail.com Mahi Dontamsetti]
 
Board of Directors
 
Board of Directors
*<b>Board Member:</b> [mailto:mdontamsetti(at)gmail.com Mahi Dontamsetti]
+
*<b>Board Member:</b> [mailto:tom.ryan(at)providesecurity.com Tom Ryan]
 
*<b>Board Member:</b> [mailto:pstern100(at)gmail.com Peter Stern]  
 
*<b>Board Member:</b> [mailto:pstern100(at)gmail.com Peter Stern]  
 
*<b>Board Member:</b> [mailto:KReiter(at)insidefsi.net Kevin Reiter]  
 
*<b>Board Member:</b> [mailto:KReiter(at)insidefsi.net Kevin Reiter]  

Revision as of 13:02, 7 September 2007

OWASP NY/NJ

Welcome to the NY/NJ chapter homepage.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

OCTOBER 25th MEETING

Full Day, information security summit happening in New Jersey on October 25th. At this all day event, learn from industry experts on topics of information security. There is no charge for this event. October 25th 9:00am-4:30pm

RSVP NOW

PRIMARY SPONSOR: VERIZON WIRELESS

Special thanks to: Philip Varughese of Verizon Meeting Address: 295 N Maple Ave, Basking Ridge, NJ 07920 ~ Directions

Event coSponsors: ACCESSIT ~~ CENZIC ~~ ARCHER TECHNOLOGIES ~~ INTREPIDUS GROUP ~~ MANDIANT - want to be a co-sponsor? Call 973-202-0122


---

TOPIC: Keynote

SPEAKER: Renato Delatorre, Verizon Wireless

---

TOPIC: Social Engineering

SPEAKER: Kevin Mitnick Mitnick Consulting

---

TOPIC: ISO 27001 What is it... Why do you care?

SPEAKER BIO: Mahi Dontamsetti M3

--

TOPIC: VOIP - Can you hear me now?

SPEAKER BIO: Paul Rohmeyer, Michael McCobb

--

TOPIC: Internet Fraud

SPEAKER BIO: Mike Esposito ESS

---

TOPIC: Dig Your Own Hole: 12 Ways to Go Wrong with Java Security

SPEAKER BIO: Richard Bowen Fortify --

TOPIC: Mobile Security

SPEAKER: Philip Varughese, Corey Benninger [www.verizonwireless.com Verizon Wireless]


---

RSVP NOW

To submit educational topic for upcoming meeting please provide submit your powerpoint using the OWASP Template and include a speaker BIO. If you wish to become a sponsor or co-sponsor please click on one of the below email addresses of our active board members.

NY/NJ OWASP Chapter Leaders


The chapter mailing address is:

NY/NJ Metro OWASP 759 Bloomfield Ave #172 West Caldwell, New Jersey 07006
973-202-0122











~