Difference between revisions of "SanDiego"

From OWASP
Jump to: navigation, search
(24 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=San Diego|extra=The chapter leader is [mailto:jeromie@comsecinc.com Jeromie Jackson]
 
{{Chapter Template|chaptername=San Diego|extra=The chapter leader is [mailto:jeromie@comsecinc.com Jeromie Jackson]
<PAYPAL>SanDiego</PAYPAL>
+
 
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-sandiego|emailarchives=http://lists.owasp.org/pipermail/owasp-sandiego}}&nbsp;  
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-sandiego|emailarchives=http://lists.owasp.org/pipermail/owasp-sandiego}}&nbsp;  
 +
 +
<br>
  
 
<u>'''Local News'''</u>  
 
<u>'''Local News'''</u>  
  
Thank you for&nbsp;attending our previous chapter meeting and thanks to [http://www.websense.com Websense]&nbsp;for providing an excellent meeting space. Jeromie Jackson&nbsp;led the meeting with a great&nbsp;presentation and there were a variety of new ideas generated via open discussion. The next meeting is currently being planned so please check back here and/or join the mailing list for upcoming meeting details.<br>
+
'''OWASP San Diego – Things That Go Wrong With Web Application Encryption''' <br>
 +
The Open Web Application Security Project (OWASP) Chapter in San Diego is convening to discuss the latest developments in the OWASP organization, and new ideas in leading-edge secure web development. While the CRIME, BEAST, and padding oracle attacks have received a lot of recent attention, there are plenty of things that can go wrong with web application cryptography before even getting to those exploits. Gabriel Lawrence will guide us into a look at how documentation fails developers and how their use of cryptography within their applications is commonly broken. Whether you’re a seasoned security professional or an executive with high focus on mitigating IT risk, this event will take you beyond the OWASP Top 10 by providing valuable insight into common mistakes that can put your organization at risk. Enjoy refreshments from our friends at HP as you network with some of the best security researchers, auditors, and developers in the San Diego area. Intuit is graciously hosting this event at their San Diego office and we look forward to seeing you there!<br>
 +
 
 +
'''Date'''<br>
 +
Thursday May 9th, 2013<br>
  
'''<u>Meeting Notes October 22, 2009</u>'''<br>'''Ideas'''<br>-There are big python and ruby user groups in SD (Gabriel Lawrence is a good conduit)<br>-Many other user groups use meetup.com to publish meetings<br>-Create multisession curriculum (review tools and deep dive on different subject)<br>-Loosely couple presentations so new attendees can easily join in<br>-Discussed idea of charging small fee to attend meetings (decided not to entertain this until meeting matures)<br>-Possibly segregate training sessions from regular sessions and provide a some theme to the training sessions<br>-Vendors to possibly bring in (Rapid7 HDMoore, Breach, Modsecurity, McAfee, DBNetworks)<br>-Possibly provide CPE credits for attending OWASP events
+
'''Time'''<br>
 +
6:00pm - 8:00pm <br>
  
'''Future Meeting Topics<br>'''-Remediation vs. Mitigation<br>-Mitigation techniques when the code can’t be fixed<br>-Demo ESAPI in PHP and/or ASP.net<br>-How to run security testing when evaluating a new software product<br>-CFO level meeting regarding cost justification for security tools and risk assessment<br>-Web enumeration and data mining<br>-Vulnerability classification and remedation techniques <br><br>
+
'''Location'''<br>
 +
Intuit (Building 3, Cook Room)<br>
 +
7535 Torrey Santa Fe Rd.<br>
 +
San Diego, CA  92129<br>
 +
 +
'''Please RSVP''' <br>
 +
[mailto:rsvp@owasp-sd.org rsvp@owasp-sd.org] <br>
 +
858-754-9701 <br>
  
Date:    TBD
+
'''Speaker Bio'''<br>
Time:    TBD
+
Gabriel Lawrence has been a system administrator, application developer, entrepreneur, information security professional. He currently manages the Application Security group in Information Security and Risk Management at Qualcomm where he spends his days breaking web applications for fun and profit.<br>
  Location: Websense Corporate Office
+
   
          10240 Sorrento Valley Rd     
+
<u></u>
          San Diego, California  92121
+
  
Contact: Jeromie Jackson- CISSP, CISM
+
----
          Jeromie.Jackson@comsecinc.com
+
<br>
  858.205.3645
+
  
<br>
+
<u></u>  
  
<u>OWASP San Diego Board Formation</u>  
+
<u></u>  
  
[mailto:jeromie@owasp-sd.org Jeromie Jackson] - President<br>[mailto:jeff@owasp-sd.org Jeff Sutton] - Vice President<br>[mailto:matt@owasp-sd.org Matt Harrigan] - Director of Research<br>[mailto:steve@owasp-sd.org Steve Groom] - Director of Marketing<br>[mailto:andy@owasp-sd.org Andy Stovall] - Technical Director<br>[mailto:tom@owasp-sd.org Tom Spencer] - Program Director<br>
+
<u>OWASP San Diego Board</u><br> [mailto:jeromie@owasp-sd.org Jeromie Jackson] - President<br>[mailto:jeff@owasp-sd.org Jeff Sutton] - Vice President<br>[mailto:tom@owasp-sd.org Tom Spencer] - Program Director<br>[mailto:andy@owasp-sd.org Andy Stovall] - Technical Director<br> [mailto:stephan@owasp-sd.org Stephan Chenette] - Research Director
  
 
&nbsp;  
 
&nbsp;  
  
 
[[Category:California]]
 
[[Category:California]]

Revision as of 16:10, 29 April 2013

OWASP San Diego

Welcome to the San Diego chapter homepage. The chapter leader is Jeromie Jackson
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG 


Local News

OWASP San Diego – Things That Go Wrong With Web Application Encryption
The Open Web Application Security Project (OWASP) Chapter in San Diego is convening to discuss the latest developments in the OWASP organization, and new ideas in leading-edge secure web development. While the CRIME, BEAST, and padding oracle attacks have received a lot of recent attention, there are plenty of things that can go wrong with web application cryptography before even getting to those exploits. Gabriel Lawrence will guide us into a look at how documentation fails developers and how their use of cryptography within their applications is commonly broken. Whether you’re a seasoned security professional or an executive with high focus on mitigating IT risk, this event will take you beyond the OWASP Top 10 by providing valuable insight into common mistakes that can put your organization at risk. Enjoy refreshments from our friends at HP as you network with some of the best security researchers, auditors, and developers in the San Diego area. Intuit is graciously hosting this event at their San Diego office and we look forward to seeing you there!

Date
Thursday May 9th, 2013

Time
6:00pm - 8:00pm

Location
Intuit (Building 3, Cook Room)
7535 Torrey Santa Fe Rd.
San Diego, CA 92129

Please RSVP
rsvp@owasp-sd.org
858-754-9701

Speaker Bio
Gabriel Lawrence has been a system administrator, application developer, entrepreneur, information security professional. He currently manages the Application Security group in Information Security and Risk Management at Qualcomm where he spends his days breaking web applications for fun and profit.



OWASP San Diego Board
Jeromie Jackson - President
Jeff Sutton - Vice President
Tom Spencer - Program Director
Andy Stovall - Technical Director
Stephan Chenette - Research Director