Monday, August 11, 2008

BlackHat encore - Chicago OWASP next week

Chapter leaders Cory Scott or Jason Witty were gracious enough to invite me to present at this months OWASP Chicago meeting. It's always fun to visit a new chapter. I've been to about a dozen so far, and meeting like minded webappsec people from various parts of the country/world. This is also a good opportunity for those who missed Black Hat to see one of the presentations live rather than relying solely on the information in the slides.

August 21 - OWASP Chicago Chapter (6:00pm – 8:30pm)
6:00 Refreshments and Networking
6:15 Bad Cocktail: Spear Phishing + Application Hacks - Rohyt Belani, Managing Partner, Intrepidus Group
7:15 Get Rich or Die Trying - Making Money on The Web, The Black Hat Way - Jeremiah Grossman, Founder & CTO of Whitehat Security

Bank of America Plaza
540 W. Madison, Downtown Chicago, 23rd floor.

*Please RSVP to jason{AT}wittys.com by 8/19/2008 if you plan to attend. Your name will need to be entered into the building's security system in order to gain access to the meeting.*

6 comments:

Michael Coates said...

I saw the talk at BlackHat and it was very good. Since I attend the local Chicago OWASP events anyways, I guess this time I'll have to try and see if Jeremiah switches in any new content :)

See everyone there.

-Michael Coates

Jeremiah Grossman said...

Hey Michael, glad you enjoyed the show. :) You bring up a very good idea. I wonder if I should add new stories and/or remove some of the less interesting ones. Some did lack punch. Since you know the format, would anyone mind or be disappointed ya think if I improved upon the original?

Michael Coates said...

I can't imagine anyone would mind if you made an already good presentation better. Modify away, just make sure to leave those last few big ones in there for sure.

-Michael Coates

Anonymous said...

Hello Jeremiah:

Maybe, it is little bit off topic, but I would like to ask you a quick question on web service security standards/best practices.

As I understand that there are a few organizations(WS-I, W3C, OASIS)that are developing web services security "standards".

Which organization's "standards" and best practices are mostly followed in the field?

In our organization, we are considering to adopt WS-I's Basic Security Profile and related WS-I profiles.

I am not sure at this point which organization would win the battle of developing web services security standards?

Cheers,
Caner

Jeremiah Grossman said...

That question is probably better suited for the Web Security Mailing List. Try there first as you'll likely get more and better input than from me alone. Web Services is certainly not my strong suit.

Caner said...

Thank you for the quick response.

Cheers,
Caner