This is to remind everyone that if you plan to attend the OWASP
conference next week, you need to register by COB this Thursday the 8th,
so we can let eBay security know on Friday who is attending.
Thanks! And hope to see many of you there.
-Dave
-----Original Message-----
From: Dave Wichers
Sent: Friday, October 05, 2007 11:19 AM
To: 'webappsec@securityfocus.com'
Subject: OWASP & WASC AppSec 2007 Conference - Nov 12-15 - San Jose, CA
OWASP and WASC have agreed to join forces this year to put together an
incredible AppSec 2007 Conference for the application security
community,
Nov. 12-15 in San Jose. A huge concentration of industry leading experts
will be in attendance presenting high quality web application security
content. AppSec 2007 offers a unique opportunity for security
professionals,
software developers, and IT managers to get up to speed on the latest
and
greatest attack techniques, defense strategies, and industry trends in
an
atmosphere of peers. The conference format and venue is also perfect for
networking and sharing experiences with others that are down in the
trenches.
Full details on the conference are available at:
http://www.owasp.org/index.php/OWASP_&_WASC_AppSec_2007_Conference
There are many new firsts to this conference that I wanted to mention:
1) This is the first joint OWASP and WASC AppSec Conference
2) eBay is hosting this conference, which is the first conference being
hosted at a company facility. (Thank you eBay)
3) Web Services Security Track: A 3rd track has been added on Day 1 for
this topic, which is an important area for OWASP to get involved with
(and
it is)
Details on this track are available at:
http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San_Jose_20
07/Agenda#Nov_14:_Track_3:_Web_Services_Security
4) Tutorials: The tutorials session has been expanded to 2 full days
and we have five 2-day tutorials this time on Nov 12-13:
a. Building and Testing Secure Web Applications
b. Secure Coding for Java EE
c. Secure Coding .NET Web Applications
d. Web Services and XML Security
e. Leveraging OWASP Tools and Documents to Secure Your Enterprise (Our
first OWASP specific tutorial!! - Taught by our Chief Evangelist - Dinis
Cruz)
f. ModSecurity Tutorial (NEW !!)
Tutorial details are available at:
http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San_Jose_20
07/Training
5) A Technology Expo has been introduced. Vendors of application
security products and managed services will be demonstrating their wares
for
the first time at an OWASP conference on Nov 13 and Nov 14.
Tech Expo info is available at:
http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San_Jose_20
07/Agenda#Tech_Expo_-_Nov_13th-14th
If you are a vendor interested in participating in the expo, more
details
are here:
http://www.owasp.org/index.php/OWASP_AppSec_Conference_Sponsors
6) New Social Events! - Breach is going to again have a cocktail party.
This time its Nov 13. OWASP has its dinner on Nov 14. The OWASP Band!!
Is
also playing on Nov 14 (Check with Dinis for details). Microsoft has now
joined in and is having a closing cocktail party on Nov 15 that is being
cosponsored by Aspect Security.
I hope to see you there!
Thanks, Dave
Dave Wichers
OWASP Conferences Chair
dave.wichers@owasp.org
------=_NextPart_000_0490_01C80732.304FBB30
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:x=3D"urn:schemas-microsoft-com:office:excel" =
xmlns:p=3D"urn:schemas-microsoft-com:office:powerpoint" =
xmlns:a=3D"urn:schemas-microsoft-com:office:access" =
xmlns:dt=3D"uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" =
xmlns:s=3D"uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" =
xmlns:rs=3D"urn:schemas-microsoft-com:rowset" xmlns:z=3D"#RowsetSchema"
=
xmlns:b=3D"urn:schemas-microsoft-com:office:publisher" =
xmlns:ss=3D"urn:schemas-microsoft-com:office:spreadsheet" =
xmlns:c=3D"urn:schemas-microsoft-com:office:component:spreadsheet" =
xmlns:oa=3D"urn:schemas-microsoft-com:office:activation" =
xmlns:html=3D"http://www.w3.org/TR/REC-html40"; =
xmlns:q=3D"http://schemas.xmlsoap.org/soap/envelope/"; xmlns:D=3D"DAV:" =
xmlns:x2=3D"http://schemas.microsoft.com/office/excel/2003/xml"; =
xmlns:ois=3D"http://schemas.microsoft.com/sharepoint/soap/ois/"; =
xmlns:dir=3D"http://schemas.microsoft.com/sharepoint/soap/directory/"; =
xmlns:ds=3D"http://www.w3.org/2000/09/xmldsig#"; =
xmlns:dsp=3D"http://schemas.microsoft.com/sharepoint/dsp"; =
xmlns:udc=3D"http://schemas.microsoft.com/data/udc"; =
xmlns:xsd=3D"http://www.w3.org/2001/XMLSchema"; =
xmlns:sps=3D"http://schemas.microsoft.com/sharepoint/soap/"; =
xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance"; =
xmlns:udcxf=3D"http://schemas.microsoft.com/data/udc/xmlfile"; =
xmlns:wf=3D"http://schemas.microsoft.com/sharepoint/soap/workflow/"; =
xmlns:mver=3D"http://schemas.openxmlformats.org/markup-compatibility/200
6=
" xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml"; =
xmlns:mrels=3D"http://schemas.openxmlformats.org/package/2006/relationsh
i=
ps" =
xmlns:ex12t=3D"http://schemas.microsoft.com/exchange/services/2006/types
"=
=
xmlns:ex12m=3D"http://schemas.microsoft.com/exchange/services/2006/messa
g=
es" xmlns=3D"http://www.w3.org/TR/REC-html40";>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.5pt;
font-family:Consolas;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:Consolas;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:1589460941;
mso-list-type:hybrid;
mso-list-template-ids:-436723848 67698705 67698713 67698715
67698703 =
67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-text:"%1\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal>OWASP and WASC have agreed to join forces this year
=
to put
together an incredible AppSec 2007 Conference for the application =
security
community, Nov. 12-15 in San Jose. A huge concentration of industry =
leading
experts will be in attendance presenting high quality web application =
security
content. AppSec 2007 offers a unique opportunity for security =
professionals,
software developers, and IT managers to get up to speed on the latest =
and
greatest attack techniques, defense strategies, and industry trends in =
an
atmosphere of peers. The conference format and venue is also perfect for
networking and sharing experiences with others that are down in the =
trenches.<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Full details on the conference are available at: <a
href=3D"http://www.owasp.org/index.php/OWASP_&_WASC_AppSec_2007_Conf
e=
rence">http://www.owasp.org/index.php/OWASP_&_WASC_AppSec_2007_Confe
r=
ence</a>
<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>There are many new firsts to this conference that I
=
wanted
to mention:<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>1)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>This is the first joint OWASP and WASC AppSec
Conference<o:p></o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>2)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>eBay is hosting this conference, which is the =
first
conference being hosted at a company facility. (Thank you =
eBay)<o:p></o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>3)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>Web Services Security Track: A 3<sup>rd</sup> =
track has
been added on Day 1 for this topic, which is an important area for OWASP
=
to get
involved with (and it is)<o:p></o:p></p>
<p class=3DMsoNormal style=3D'margin-left:.5in'>Details on this track =
are available
at: <a
href=3D"http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San
_=
Jose_2007/Agenda#Nov_14:_Track_3:_Web_Services_Security">http://www.owas
p=
.org/index.php/7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda#Nov_14
:=
_Track_3:_Web_Services_Security</a>
<o:p></o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>4)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>Tutorials: The tutorials session has been =
expanded to 2
full days and we have five 2-day tutorials this time on Nov =
12-13:<o:p></o:p></p>
<p class=3DMsoListParagraph =
style=3D'margin-left:1.0in;text-indent:-.25in;
mso-list:l0 level2 lfo1'><![if !supportLists]><span =
style=3D'mso-list:Ignore'>a.<span
style=3D'font:7.0pt "Times New =
Roman"'> =
</span></span><![endif]>Building
and Testing Secure Web Applications<o:p></o:p></p>
<p class=3DMsoListParagraph =
style=3D'margin-left:1.0in;text-indent:-.25in;
mso-list:l0 level2 lfo1'><![if !supportLists]><span =
style=3D'mso-list:Ignore'>b.<span
style=3D'font:7.0pt "Times New Roman"'> =
</span></span><![endif]>Secure
Coding for Java EE<o:p></o:p></p>
<p class=3DMsoListParagraph =
style=3D'margin-left:1.0in;text-indent:-.25in;
mso-list:l0 level2 lfo1'><![if !supportLists]><span =
style=3D'mso-list:Ignore'>c.<span
style=3D'font:7.0pt "Times New =
Roman"'> =
</span></span><![endif]>Secure
Coding .NET Web Applications<o:p></o:p></p>
<p class=3DMsoListParagraph =
style=3D'margin-left:1.0in;text-indent:-.25in;
mso-list:l0 level2 lfo1'><![if !supportLists]><span =
style=3D'mso-list:Ignore'>d.<span
style=3D'font:7.0pt "Times New Roman"'> =
</span></span><![endif]>Web
Services and XML Security<o:p></o:p></p>
<p class=3DMsoListParagraph =
style=3D'margin-left:1.0in;text-indent:-.25in;
mso-list:l0 level2 lfo1'><![if !supportLists]><span =
style=3D'mso-list:Ignore'>e.<span
style=3D'font:7.0pt "Times New Roman"'> =
</span></span><![endif]>Leveraging
OWASP Tools and Documents to Secure Your Enterprise (Our first OWASP =
specific
tutorial!! – Taught by our Chief Evangelist – Dinis =
Cruz)<o:p></o:p></p>
<p class=3DMsoNormal style=3D'margin-left:.5in'>Tutorial details are =
available at: <a
href=3D"http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San
_=
Jose_2007/Training">http://www.owasp.org/index.php/7th_OWASP_AppSec_Conf
e=
rence_-_San_Jose_2007/Training</a>
<o:p></o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>5)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>A Technology Expo has been introduced. Vendors =
of
application security products and managed services will be demonstrating
=
their
wares for the first time at an OWASP conference on Nov 13 and Nov =
14.<o:p></o:p></p>
<p class=3DMsoListParagraph>Tech Expo info is available at: <a
href=3D"http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San
_=
Jose_2007/Agenda#Tech_Expo_-_Nov_13th-14th">http://www.owasp.org/index.p
h=
p/7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda#Tech_Expo_-_Nov_13t
h=
-14th</a>
<o:p></o:p></p>
<p class=3DMsoListParagraph>If you are a vendor interested in =
participating in
the expo, more details are here: <a
href=3D"http://www.owasp.org/index.php/OWASP_AppSec_Conference_Sponsors";
=
http://www.owasp.org/index.php/OWASP_AppSec_Conference_Sponsors</a>
<o:p></o:p></p>
<p class=3DMsoListParagraph style=3D'text-indent:-.25in;mso-list:l0 =
level1 lfo1'><![if !supportLists]><span
style=3D'mso-list:Ignore'>6)<span style=3D'font:7.0pt "Times New =
Roman"'>
</span></span><![endif]>New Social Events! – Breach is going to =
again
have a cocktail party. This time its Nov 13. OWASP has its dinner on Nov
=
14.
The OWASP Band!! Is also playing on Nov 14 (Check with Dinis for =
details).
Microsoft has now joined in and is having a closing cocktail party on =
Nov 15
that is being cosponsored by Aspect Security.<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>I hope to see you there!<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Thanks, Dave<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Dave Wichers<o:p></o:p></p>
<p class=3DMsoNormal>OWASP Conferences Chair<o:p></o:p></p>
<p class=3DMsoNormal><a =
href=3D"mailto:dave.wichers@owasp.org";>dave.wichers@owasp.org</a><o:p></
o=
:p></p>
<p class=3DMsoPlainText><o:p> </o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
</div>
</body>
</html>
------=_NextPart_000_0490_01C80732.304FBB30--
-------------------------------------------------------------------------
Sponsored by: Watchfire
Cross-Site Scripting (XSS) is one of the most common application-level
attacks that hackers use to sneak into web applications today. This
whitepaper will discuss how traditional XSS attacks are performed, how to
secure your site against these attacks and check if your site is protected.
Cross-Site Scripting Explained - Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000009405
-------------------------------------------------------------------------
