[PLUG] [Fwd: [OWASP-Philadelphia] February 19th 2008, 6:00 PM

Darian Anthony Patrick on 13 Feb 2008 09:28:21 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] [Fwd: [OWASP-Philadelphia] February 19th 2008, 6:00 PM - 8:00 PM *Patten Auditorium Drexel University*]

From: Darian Anthony Patrick <darian@criticode.com>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: [PLUG] [Fwd: [OWASP-Philadelphia] February 19th 2008, 6:00 PM - 8:00 PM *Patten Auditorium Drexel University*]

Date: Wed, 13 Feb 2008 12:28:10 -0500

Organization: Criticode LLC

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all, Just a heads up regarding the next Philly OWASP meeting, next Tuesday. Please RSVP to darian@criticode.com if you plan on attending. Thanks! - - - ------------------------------------------------------------------------------------------- - - - Philadelphia OWASP Patten Auditorium Drexel University - - - - ------------------------------------------------------------------------------------------- Come join us in Philadelphia as we discuss web application security and determine the content for upcoming meetings this year! We are looking forward to a good year in web application security. At this meeting we'll discuss what's happening in web application security, plan our upcoming meetings, and then discuss secure PHP development and a fun way to spam your printer using JavaScript. Please RSVP to darian@criticode.com if you plan on attending. - - --------------------------------------------------------------------- - - - HOW-TO: Secure PHP Deployment Patterns - - - --------------------------------------------------------------------- Philadelphia-area application security consultant and Philly OWASP Chapter Leader Darian Anthony Patrick will present secure PHP deployment patterns in shared hosting and application-dedicated deployment environments. PHP has become one of the most frequently noted development platforms of vulnerable web applications. This talk will describe best practices for separation of PHP applications to minimize effect of a successful penetration, and the hardening and isolation of PHP itself to mitigate the effect of successful exploitation of problems in the language implementation. - - ---------------------------------------------------------------------- - - - HACK: Cross Site Printing - - - ---------------------------------------------------------------------- Philadelphia-area security researcher and Philly OWASP Chapter Leader Aaron Weaver will be discussing Cross Site Printing[1], a notable variation on intranet application exploitation. Aaron's research has well received by the web security industry, with coverage by Robert Hansen aka RSnake[2] of SecTheory and ha.ckers.org, Jeremiah Grossman of White Hat Security[3] and has been named number 4 of the Top Ten Web Hacks of 2007[4] in informal polling conducted by Jeremiah, and is noted as one of the Coolest Hacks of 2007 by Dark Reading[5]. You don't want to miss this exciting presentation! [1]http://en.wikipedia.org/wiki/XSP_(cross_site_printing) [2]http://ha.ckers.org/blog/20080108/cross-site-printing/ [3]http://jeremiahgrossman.blogspot.com/2008/01/cross-site-printing-printer-spamming.html [4]http://jeremiahgrossman.blogspot.com/2008/01/top-ten-web-hacks-of-2007-official.html [5]http://www.darkreading.com/document.asp?doc_id=145319&WT.svl=news1_3 **Also if there are some companies on the list who would like to sponsor the food – we would definitely welcome it. Next Meeting: February 19th 2008, 6:00 PM - 8:00 PM OWASP Philly Meeting Patten Auditorium (Room 109) Matheson Hall 3220 Market St. (32nd and Market Streets) Philadelphia, PA Special thank you to our location sponsor Chariot Solutions. Chariot Solutions is organizing the 2008 Emerging Technologies for the Enterprise conference at Drexel University, March 26-27, 2008. Speakers include Floyd Marinescu of InfoQ.com, David Brussin of TurnTide, Obie Fernandez, Yehuda Katz, and many more. You don't want to miss this exciting event! More information at http://www.phillyemergingtech.com/. - -- Darian Anthony Patrick, GWAS, GSSP-Java, ZCE Principal, Application Development Criticode LLC Office: (215) 240-6566 Facsimile: (866) 789-2992 Email/XMPP: darian@criticode.com Web: http://criticode.com -----BEGIN PGP SIGNATURE----- iD8DBQFHsyipKpzEXPWA4IcRAobFAJ9ri5TleO4IhMhC60+jb+YqPmBEPACfQZz6 e7M2BMkR/Ggecjxg2/zcQx0= =1R8h -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: Re: [PLUG] pci-express

Next by Date: Re: [PLUG] Finding a motherboard with a BIOS that does not block CPU virtualization

Previous by thread: Re: [PLUG] Linux Certification

Next by thread: [PLUG] Hard drive consolidation

Index(es):

Date

Thread