Difference between revisions of "San Jose"

From OWASP
Redirect page
Jump to: navigation, search
(Next Meeting - Wednesday, July 25, 2007)
 
(27 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=San Jose|extra=The chapter leader is [mailto:brian.bertacini@owasp.org Brian Bertacini]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-sanjose|emailarchives=http://lists.owasp.org/pipermail/owasp-sanjose}}
+
#REDIRECT [[Bay Area]]
  
== Next Meeting - Wednesday, July 25, 2007 ==
+
{{Chapter Template|chaptername=Bay Area|extra=|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bayarea|emailarchives=http://lists.owasp.org/pipermail/owasp-bayarea}}
Open to the public, attendance is free
+
  
'''Agenda and Presentations:'''<br/>
+
[[Category:California]]
6:00pm - 6:30pm ... Check-in and reception (food & bev)<br/>
+
6:30pm - 8:00pm ... Attacking XML Security - Brad Hill<br/>
+
8:00pm - 8:15pm ... Upcoming Security Workshops - Brian Bertacini<br/>
+
8:15pm - 8:35pm ... Networking Session<br/>
+
 
+
'''Venue:'''<br/>
+
Ariba<br/>
+
807 11th Avenue<br/>
+
Sunnyvale, Ca 94089<br/>
+
[http://www.ariba.com/company/hq_map.cfm Map and Directions]<br/>
+
 
+
 
+
'''Attacking XML Security'''<br/>
+
'''''Presented by: Brad Hill, iSEC Partners'''''<br/>
+
 
+
'''Abstract:'''
+
Brad will present his ongoing research into attacking the XML Digital Signature and Encryption standards that underpin the security  of Web Services, mobile code, SAML, federated identity systems and more.  The talk will begin with a high-level, critical take on the emerging conventional wisdom about message-oriented security and continue with a detailed discussion of design and implementation weaknesses in the standards.  Technical material will include a root cause analysis of the recent iSEC advisory on cross-platform, remote code execution vulnerabilities discovered in multiple XML Digital Signature products. <br/>
+
 
+
'''Bio:''' Based out of Seattle, Brad Hill is a Senior Security Consultant at iSEC Partners, a full-service security consulting firm that provides penetration testing, secure systems development, security education and software design verification.  Brad brings a ten year background as a software developer and architect in the technology and financial services sectors to his work at iSEC, where he does design review, application assessment and development lifecycle improvement for some of the world’s leading software companies. 
+
<br/>
+
<br/>
+
<br/>
+
 
+
'''Upcoming Security Workshops'''<br/>
+
'''''Presented by: Brian Bertacini, Volunteer Chapter Organizer'''''<br/>
+
 
+
'''Abstract:''' Introduce local volunteer expert trainers that are planning web application and infrastructure security workshops.
+
 
+
Please RSVP to via email [mailto:brian.bertacini@owasp.org Brian Bertacini], call 408-979-0571 or visit [http://owasp.mollyguard.com OWASP.Mollyguard.com]
+
 
+
Special thanks to [http://www.ariba.com Ariba] for hosting this event and to [http://www.appsecconsulting.com AppSec Consulting] and [http://www.isecpartners.com iSEC Partners] for sponsoring.
+

Latest revision as of 11:03, 27 April 2011