Columbus OWASP Q1 2013 Meeting
Thursday, March 7, 2013 from 1:00 PM to 4:00 PM (EST)
New location: OARnet on Kinnear road!!
Our Winter meeting will be March 7th at 1PM. We are meeting at OARnet, on Kinnear Road. NOT at Improving, who is moving offices. Hope to see all developers and security professionals there!
The first speaker will be Bill Sempf. He is speaking on Windows Store app security.
Security and privacy in mobile development has been a topic in the iOS and Android world for a few years now. Microsoft is entering the fray with be their first significant push into the mobile space. Will your apps be the next ones on the front page of Ars Technica (for the wrong reasons)? Bill would like to help you make sure that won’t happen. Learn the security considerations of HTML5, backend services, cloud computing and WinRT.
The second speaker will be Phil Grimes. He'll be speaking about CSRF, with the most awesome demo ever. Abstract is TBD, but I promise it is awesome.
UPDATE: Here is Phil's abstract!
In a discussion focused on Cross Site Request Forgery (CSRF), explore the trust vulnerability and walk through a demonstration of the exploit in action. Understand how these attacks take place and what they look like from the perspective of both victim AND attacker. Walk away with a grasp on the security implications of this weakness as well as understanding why the attack is possible and what steps should be done to prevent it. This session is a 45 minute demo with a 15 minute Q&A after. It is an advanced technical session intended for technicians, engineers, and developers with interest in web application security.
When & Where
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.