Breach Security Executive to Present on Web Application Security Tools and Trends at OWASP AppSec DC 2009.Ryan C. Barnett Will Educate Members on New OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and Project and 2009 Web Hacking See hack and hacker. Attacks CARLSBAD, Calif. -- Breach Security, Inc., the leader in web application integrity, security and PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). compliance, today announced that Ryan C. Barnett, director of application security research, will be speaking at OWASP AppSec DC 2009 on November 12 and 13, 2009. Barnett was invited to present on the new "OWASP ModSecurity Core Rule Set Project," which is based on generic rules that provide protection from zero-day and unknown vulnerabilities often found in web applications. He will also speak on "The Web Hacking Incidents Database," which focuses on a statistical analysis of web application security incidents in 2009. Barnett is a SANS Institute The SANS Institute (SysAdmin, Audit, Networking, and Security) is a trade name owned by the for-profit Escal Institute of Advanced Technologies. SANS provides computer security training, professional certification, and a research archive. faculty member, the OWASP ModSecurity Core Rule Set (CRS CRS Course CRS Certified Residential Specialist (real estate certification) CRS Central Reservation System CRS Can't Remember Stuff (polite form) CRS Cost Reduction Strategy CRS Consumer Relations Specialist ) Project Leader and is also a member of the Web Application Security Consortium (WASC WASC Western Association of Schools and Colleges WASC West African School Certificate WASC Western Administrative Support Center (NOAA) WASC Western Australia Supreme Court WASC Washington Administrative Service Center ) where he leads the Distributed Open Proxy For Wikipedia's policy on editing from open proxies, please see Wikipedia:Open proxies. An open proxy is a proxy server which is accessible by any Internet user. Honeypot A server that is configured to detect an intruder by mirroring a real production system. It appears as an ordinary server doing work, but all the data and transactions are phony. Located either in or outside the firewall, the honeypot is used to learn about an intruder's techniques as Project.
What: <
"OWASP ModSecurity Core Rule Set Project"
When: <
Thursday, November 12, 2009, from 1:20 p.m. - 2:05 p.m. Eastern
Where: <
OWASP AppSec DC 2009
<
Walter E. Washington Convention Center
<
801 Mount Vernon Place NW
<
Washington, DC 20001
<
This presentation will provide an overview of the Core Rule Set version 2.0, how it works and new features including: * Snort An open source network intrusion detection system (NIDS) that is noted for its effectiveness. Developed by Martin Roesch, Snort can also be used just as a packet logger or packet sniffer. For more information, visit www.snort.org. See IDS. web attack signatures for converted emerging threats. * Collaborative rules for transactional variables and location matching. * Anomaly scoring for site-specific thresholds. * Easier exception handling to override An arrangement whereby commissions are made by sales managers based upon the sales made by their subordinate sales representatives. A term found in an agreement between a real estate agent and a property owner whereby the agent keeps the right to receive a commission for the sale of CRS checks without editing.
What: <
"The Web Hacking Incidents Database"
When: <
Friday, November 13, 2009, from 9:00 a.m. - 9:45 a.m. Eastern
Where: <
OWASP AppSec DC 2009
<
Walter E. Washington Convention Center
<
801 Mount Vernon Place NW
<
Washington, DC 20001
<
This presentation will highlight the statistics gathered from June - September of 2009 and provide insight into categories including: * Top attack methods. * Top compromise outcomes. * Top target geographic region. * Top vertical markets hit. For more information about OWASP AppSec DC 2009, please visit: http://www.owasp.org/index.php/OWASP_AppSec_DC_2009 Breach Security Labs, the research arm of Breach Security, Inc., plays an active role in leading web application security industry organizations such as OWASP and WASC. OWASP is a worldwide free and open community focused on improving the security of application software and is a not-for-profit entity. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. For more information about OWASP, visit: http://www.owasp.org/index.php/Main_Page About Breach Security Breach Security, Inc. is the leading provider of real-time, continuous web application integrity, security and compliance that protects sensitive web-based information. Breach Security's products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company's products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government. For more information, please visit www.breach.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion