Subject: ISACA-SD MEETING IS TOMORROW (THURSDAY, JULY 28TH) Date: Wed, 27 Jul 2005 14:19:23 -0400
ISACA - SAN DIEGO'S JULY MEETING NOTICE ISACA - SAN DIEGO'S JULY MEETING IS THIS THURSDAY, JULY 28TH All members and guests (non-members) are invited to this free meeting. Topic: WEB APPLICATION SECURITY Web applications are at risk from threats that can not be stopped by the traditional network and OS based security solutions. What exactly is Cross Site Scripting (XSS), SQL Injection, etc? These attacks travel on open ports (HTTP/HTTPS) and can be invisible to network and system layer security as their signatures are similar to the requests of normal web application users. This presentation reviews the most common web application attacks and their counter-measures. Each threat is explained and there will be a demonstration of how the exploits are executed and the tools that are utilized. The presentation is based on the work of the Open Web Application Security Project and is relevant to any company that supports web based applications. Speaker: Mr. Will Bechtel, CISSP Executive Partner, Blue Oasis Technologies Mr. Bechtel has consulted in the areas of Software Development, and Information Security for companies such as Sony, Sega, Cellular One, Federal Express, American Express, Sempra and SAIC. (Note: This program precedes a future program on Managing the Penetration Test Engagement that Blue Oasis Technologies is working on for us.) Cost: No cost to members or guests. Refreshments will be provided. Date: Thursday, July 28, 2005 (TOMORROW) Time: 4:00-6:00 PM, 2.0 CPE Location: Mission Federal Credit Union Corporate Headquarters Board Room on Third Floor (follow signs) 5785 Oberlin Drive, Sorrento Mesa area Directions: (Just north of UTC/Golden Triangle) Take I-805 North or South to Mira Mesa Blvd. Go east to first right (Scranton Road) and take first left (Oberlin Drive). Facility is on south-side about 1/5 mile in. Contact Carl Chizewski at 858-546-2203, if necessary. Parking: Park free in Visitor's spaces Contact: Ron Proulx at (858) 761-6666 RSVP: None Required, But, Appreciated LATE ARRIVAL AT OUR MEETING? CALL CARL AT THE NUMBER IN THE LOBBY OR RON AT 858-761-6666 AND WELL COME DOWN AND LET YOU IN. HOWEVER, BE AWARE THAT THIS IS DISRUPTIVE AND PREVENTS SOME PEOPLE FROM ENJOYING THE PROGRAM. TRY TO BE THERE AT 4:00 PM, IF POSSIBLE. HELP IS REQUESTED FROM MEMBERS Barb McKinzie at [EMAIL PROTECTED] would like some information on extracting GL transactions from SAP using ACL. If you can help her, please contact her at her e-mail address. (FYI: Barb is now in Ohio.) Rose Van Oss at [EMAIL PROTECTED] is looking for a request of Q/A practices that a vendor or third-party should follow. Contact her at her e-mail address. -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
