Archive for the ‘OWASP’ Category

« Older Entries

AppSec DC Update

Friday, October 2nd, 2009

Most of my time these days is going into AppSecDC. So I thought I’d share a bit of a shameless plug here that I just sent out to the conference mailing list:

People are registering, hotel rooms are being booked, classes are being enrolled in, and we’re just over a month out!

First off, if you haven’t registered or approached us about volunteering yet, today is the LAST day for early bird registration.

The link for registration is here

Secondly, if you are interested in volunteering, and haven’t contacted us about it yet, please contact Jon Rose, who is handling the volunteer coordination these days. He will be sending out a volunteer information packet in the next few days that should have answers to some of your questions, and he should be able to hook you up with getting “signed up” for specific positions.

Also, got Web 2.0? If so, we’re out there, and need your help. Follow, join, repost, talk about, and all those other good things. Every bit of extra visibility gives people who don’t know about the conference a chance to join in and participate!

Follow @AppSecDC09 on Twitter!

Join the event on Facebook, Linked In, or Upcoming !!

If you can, publish the event to your profile about it on whatever service, and tell your friends!

Look for more announcement soon. Next week, we’ll be highlighting some of the training options, and talking about what’s going on with our panels and some of our other events.

Posted in AppSecDC, OWASP, OWASP AppSec, Web Security, conferences, web people | No Comments »

Podcast Love

Thursday, October 1st, 2009

I (among others) are appearing in a few podcasts this week.

Amrit Williams interviewed me for his “Beyond the Perimeter” podcast, where in several parts I discuss AppSecDC, OWASP, and web application security. The first of these is up today, the others will follow next Tuesday and Thursday. BTP is also on iTunes.

Jim Manico, host of the wildly successful OWASP podcast, was nice enough to have a bunch of us over for some friendly banter about security inside the beltway a while back. You can hear that as of today, or if you subscribe through iTunes, you can get it there as well. This features myself, Matt Fisher of Piscis Security, Jack Whitsitt, Dan Philpott of Fismapedia and Guerilla-CISO. Mike Smith of Guerilla-CISO just missed us, and will be on another episode coming out soon!

Posted in OWASP, OWASP AppSec, Web Security, podcast, web people | No Comments »

CapSec and OWASP DC

Tuesday, July 28th, 2009

CapSec’s “Not at Black Hat” Edition is tomorrow night at Stetsons’s. You can come down and pretend you’re at the reception — the drinks are more expensive but the food is cheaper (if you consider the cost to get in the door).

CapSec DC
Wednesday July 29th 5:00 PM

Stetson’s
1610 U St NW
Washington DC 20009

Next Wednesday, OWASP DC will be having  chapter meeting at GWU. Dan Cornell of the Denim Group will be speaking on Vulnerability Management in an Application Security World, and Mike Smith of Deloitte will be speaking on SCAP and integration with Web Application Security. I’ll also be giving an update on the upcoming AppSec DC 2009, which is only a few months away now!

OWASP DC August Meeting
Wednesday August 5, 2009 at 6:30pm
George Washington University, Duques Hall Rm 553D
2201 G St.
Washington, District of Columbia 20037

Posted in CapSecDC, OWASP, Web Security, web people | No Comments »

OWASP DC this week, CapSec next week

Monday, April 20th, 2009

Just a reminder about some upcoming events:

This Wednesday, Jon Rose will be presenting his Deblaze tool, and I will be talking about some of the recent activity in OWASP, including (hopefully) the official announcement of AppSec US 2009 being hosted in November in Washington DC.

OWASP DC
Thursday April 22nd 6:30 PM

Duques Hall Rm 650D
George Washington University
2201 G St. NW
Washington DC 20037

Please note that this is NOT the same room as last time. It’s nearby, and hopefully we’ll have signs up to show you the way.

Next week, CapSec DC will have its April incarnation at Stetson’s. Hopefully this time we will outnumber marauding birthday parties. Though it was nice to have free balloons.

CapSec DC
Wednesday April 29th, 7:00 PM

Stetson’s
1610 U St NW
Washington DC 20009

Posted in CapSecDC, OWASP, OWASP AppSec, Web Security, meetups, web people | No Comments »

OWASP DC February Meeting

Wednesday, February 4th, 2009

The next OWASP DC Meeting is tomorrow!

OWASP DC
Thursday February 5th 6:30 PM

Duques Hall Rm 553
George Washington University
2201 G St. NW
Washington DC 20037

This month’s pre-Shmoo meeting will have two speakers, so you get two excellent presentations for the price of one OWASP meeting!

The meeting is at GWU near Foggy Bottom Metro. Using public transportation is advisable. Hope to see you there!

Meeting Agenda:

6:30 – 6:45 Introductions and OWASP Buisness – Mark Bristow
6:45 – 7:45 WAF Virtual Patching Challenge: Securing WebGoat with ModSecurity – Ryan Barnett
7:45 – 8:00 Break
8:00 – 9:00 Software Assurance Maturity Model (SAMM) – Pravir Chandra

Parking and Transportation

The Marvin Center Garage operates from 7am – midnight Monday through Friday and is closed on weekends. Make sure you have your car out by 11:45pm. A visitor’s parking garage is located between 23rd and 22nd Streets and H and Eye Streets. The visitor entrance is on Eye Street.

Parking on campus is at a premium and visitors are encouraged to use public transportation when visiting the campus. The nearest METRO stop, Foggy Bottom/GWU located on the Orange/Blue lines, is a short 3 block walk from the Marvin Center

Posted in OWASP, meetups | No Comments »

« Older Entries