Difference between revisions of "Orlando"

From OWASP
Jump to: navigation, search
Line 25: Line 25:
 
   
 
   
  
*Tom Brennan is a Director at Spiderlabs/Trustwave, an OWASP Global Board Member and Chapter Leader for OWASP NY/NJ Metro
+
*Tom Brennan is a Director at Spiderlabs/Trustwave, an OWASP Global Board Member and Chapter Leader for OWASP NY/NJ Metro. His talk is "OWASP Where are we... Where are we going in 2012"
*Jim Manico is the VP of Security Architecture at Whitehat Security, OWASP Connections Committee Chair, OWASP Podcast Host and Project Manager for the OWASP ESAPI Java project.
+
*Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm.  Jim is a participant and project manager of the OWASP Developer Cheatsheet series. He is also the producer and
 +
host of the OWASP Podcast Series. This talk will discuss the past methods used for cross-site scripting (XSS) defense that were only partially effective. Learning from these lessons, we will also discuss present day defensive methodologies that are effective, but place an undue burden on the developer. We will then finish with a discussion of future XSS defense mythologies that shift the burden of XSS defense from the developer to various frameworks. These include auto-escaping template technologies, browser-based defenses such as Content Security Policy, and Javascript sandboxes such as the Google CAJA project and JSReg.
  
 
   
 
   

Revision as of 14:26, 18 January 2012

Contents

OWASP Orlando

Welcome to the Orlando chapter homepage. The chapter leader is Tony Turner.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

OWASP Orlando Chapter Meetings

Q1 2012 Meeting February 22

Please Register at http://owasp-orlando.eventbrite.com

To bring in the New Year and kick off OWASP Orlando for 2012, we have some excellent speakers that have agreed to come down to Orlando and help us get things going!


5:45 - 6:00 Arrive

6:00 - 6:15 Welcome and Opening Remarks

6:15 - 7:00 "OWASP Where are we... Where are we going in 2012" - Tom Brennan

7:00 - 7:15 Break

7:15 - 8:00 "XSS" - Jim Manico

8:00 - ? After event social gathering - Location TBD


  • Tom Brennan is a Director at Spiderlabs/Trustwave, an OWASP Global Board Member and Chapter Leader for OWASP NY/NJ Metro. His talk is "OWASP Where are we... Where are we going in 2012"
  • Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. Jim is a participant and project manager of the OWASP Developer Cheatsheet series. He is also the producer and

host of the OWASP Podcast Series. This talk will discuss the past methods used for cross-site scripting (XSS) defense that were only partially effective. Learning from these lessons, we will also discuss present day defensive methodologies that are effective, but place an undue burden on the developer. We will then finish with a discussion of future XSS defense mythologies that shift the burden of XSS defense from the developer to various frameworks. These include auto-escaping template technologies, browser-based defenses such as Content Security Policy, and Javascript sandboxes such as the Google CAJA project and JSReg.


Refreshments will be provided at the event and have been donated by Security Innovations.


University of Central Florida has graciously agreed to provide meeting space at the Medical College campus. Building and room number will be forthcoming.


College of Medicine 6850 Lake Nona Blvd. Orlando, Fl 32827

  • Meeting Date: February 22, 2012 6:00 - 8:00 PM
  • Meeting Location: UCF College of Medicine
  • Google maps link: http://goo.gl/ztZTF

Meeting History

Inaugural Meeting October 19, 2011 6:30 PM at Seasons 52

We will be holding our first meeting on October 19 for an informal gathering of those interested in the OWASP mission. This is a chance to get to know the other members of the chapter and engage in the initial dialogue that will drive the direction of the group. We want to know what kinds of technologies you use or are interested in learning about, the challenges you are facing in your daily work and get a sense for the types of content you want to see at future meetings. I will bring some copies of various OWASP guides and possibly some other OWASP shwag to this initial meeting. We will be covering the OWASP mission, culture, and a high level view of OWASP projects. The format for this meeting will largely be discussion oriented. This is not currently a sponsored event, but we do have interested parties asking about sponsorship opportunities so this may change.

Chapter Information

OWASP Orlando is newly formed as of August 2011. The first meeting was held on October 19, 2011 and was designed largely as a social event to bring new members together. After this initial informal meeting we are continuing with our first major content meeting on february 22, 2012. Keep watching this space for announcements about upcoming events. If you are interested in being a speaker or taking a more active leadership role within the chapter, please contact the chapter leader at the link above. Everyone is welcome to join us at our chapter meetings. We track membership based on participation at the mailing list linked on this page and this will be the primary means of communication for the chapter. We also have a Linkedin group at http://goo.gl/BB9fu