OWASP San Diego
Welcome to the San Diego chapter homepage. The chapter leader is Jeromie Jackson
Click here to join the local chapter mailing list.
OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Sushi & Sake- OWASP San Diego to Host Free Web Hacker Dojo
The Open Web Application Security Project (OWASP) Chapter in San Diego will be holding a FREE meeting to discuss the latest developments in the OWASP organization, and leading-edge web assessment technologies. Demonstrations will be provided on various web attack techniques and the best practices for defending against them, including web application firewalls. Bring your laptop to participate in the Web Hacker Dojo where everyone will have the opportunity to launch attacks against live lab web servers to see how they compare against today’s countermeasures. Sushi and Sake refreshments will be provided as you network with some of the best security auditors, researchers, and developers in the San Diego area. We look forward to seeing you there!
Date: January 27th, 2010 Time: 6:00pm - 7:30pm Location: Websense Corporate Office 10240 Sorrento Valley Rd San Diego, California 92121
Contact: email@example.com 858-754-9701
Meeting Notes From October 22, 2009
-There are big python and ruby user groups in SD (Gabriel Lawrence is a good conduit)
-Many other user groups use meetup.com to publish meetings
-Create multisession curriculum (review tools and deep dive on different subject)
-Loosely couple presentations so new attendees can easily join in
-Discussed idea of charging small fee to attend meetings (decided not to entertain this until meeting matures)
-Possibly segregate training sessions from regular sessions and provide a some theme to the training sessions
-Vendors to possibly bring in (Rapid7 HDMoore, Breach, Modsecurity, McAfee, DBNetworks)
-Possibly provide CPE credits for attending OWASP events
Future Meeting Topics
-Remediation vs. Mitigation
-Mitigation techniques when the code can’t be fixed
-Demo ESAPI in PHP and/or ASP.net
-How to run security testing when evaluating a new software product
-CFO level meeting regarding cost justification for security tools and risk assessment
-Web enumeration and data mining
-Vulnerability classification and remedation techniques
OWASP San Diego Board Formation