Difference between revisions of "Tampa"

From OWASP
Jump to: navigation, search
(Next Meeting)
Line 15: Line 15:
 
== Next Meeting  ==
 
== Next Meeting  ==
  
We will be holding our 2009-Q3 meeting on Wednesday, September 9 from 6PM to 8PM. [http://www.ioactive.com IOActive's] '''Wes Brown''' will be presenting '''So You Want To Analyze Malware?'''
+
== Next Meeting  ==
  
:''Malware is a broad category of ‘malicious’ software that covers trojans, viruses, worms, rootkits, and other software that steals information or subverts computers into unintended purposes. There are many reasons why one would want to analyze malware, and they can range from professional interest in defending networks from them, to personal fascination in the techniques involved in crafting them.''
 
  
:''Whatever one’s reason for analyzing malware, Wes will share many of the techniques that he’s utilized in the course of his career working on client incident response engagements as well as a full time analyst on a heuristic detection product.''
+
We will be holding our 2009-Q3 meeting on Wednesday, September 9 from 6PM to 8PM. '''Wes Brown''' of [http://www.ioactive.com IOActive] had to cancel due to a conflict. '''Tony Flick''' of [http://www.fyrmassociates.com FYRM Associates] will fill in and present his Black Hat USA 2009 and DEFCON 17 '''Hacking the Smart Grid''' presentation.
  
:''Many might think that the techniques are dominated by methods such as reverse engineering and binary analysis, and indeed it is a major part of any analyst’s toolkit. However, statistical analysis, and static forensics can often play just as key a role, combined with scripting, systems management, and data warehousing.''
+
:''"The city of Miami and several commercial partners plan to rollout a "smart grid" citywide electrical infrastructure by the year 2011. This rollout proceeds on the heels of news that foreign agents have infiltrated our existing electrical infrastructure and that recent penetration tests have uncovered numerous vulnerabilities in the proposed technologies. Simultaneously, the National Institute for Standards in Technology (NIST) has recently released a roadmap for producing Smart Grid standards. In this presentation, Tony will discuss the flaws with the current guidelines and map them to the criticisms of similar regulatory mandates, including the Payment Card Industry Data Security Standard (PCI DSS), that rely heavily on organizations policing themselves."''
 
 
:''Wes will describe and show examples of such techniques, as well as supporting tools. The emphasis will be on doing this with low cost or free tools, so that an audience member can get up and running quickly with malware analysis even on a shoestring budget.''
 
  
 
[[Category:OWASP_Chapter]] [[Category:Florida]]
 
[[Category:OWASP_Chapter]] [[Category:Florida]]

Revision as of 20:49, 1 September 2009

Welcome to the OWASP Tampa Local Chapter

<paypal>Tampa</paypal>

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa

If you have any questions about the Tampa chapter, please send an email to the chapter leader Justin Morehouse.

The Tampa chapter is sponsored by FYRM Associates.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Next Meeting

Next Meeting

We will be holding our 2009-Q3 meeting on Wednesday, September 9 from 6PM to 8PM. Wes Brown of IOActive had to cancel due to a conflict. Tony Flick of FYRM Associates will fill in and present his Black Hat USA 2009 and DEFCON 17 Hacking the Smart Grid presentation.

"The city of Miami and several commercial partners plan to rollout a "smart grid" citywide electrical infrastructure by the year 2011. This rollout proceeds on the heels of news that foreign agents have infiltrated our existing electrical infrastructure and that recent penetration tests have uncovered numerous vulnerabilities in the proposed technologies. Simultaneously, the National Institute for Standards in Technology (NIST) has recently released a roadmap for producing Smart Grid standards. In this presentation, Tony will discuss the flaws with the current guidelines and map them to the criticisms of similar regulatory mandates, including the Payment Card Industry Data Security Standard (PCI DSS), that rely heavily on organizations policing themselves."

Meeting Location

We meet quarterly at the Kforce building in Ybor. The address is:

1001 East Palm Ave. Tampa, FL 33605

Park in the Visitor spaces in the main parking lot that is off of East Palm Avenue. You will need to identify yourself at the security desk and ask how to get to Training Room B.

Presentation Archives

2009-Q2 - Open SAMM - Zate Berg - Presentation slides here.

2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here.

2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here.