OWASP Monthly Meeting - June 24, 2015

Join OWASP today and become a member of our community. (https://myowasp.force.com/MemberAppstep1?region=North+America)

Speaker: Joe Rozner

Joe is a Software Engineer at Prevoty. As an experienced software engineer with experience across many languages and paradigms Joe has focused his career on rapid prototyping and independent security research. He’s developed custom system call level sandboxes, rich web applications, and applications at all levels between. A strong interest in computer languages and implementation of them has led to a solid foundation and further cultivation in the area of language implementation and language security. This combination of experience has allowed Joe to lead teams in designing and creating truly unique products and solving difficult problems.

MAIN Topic: Langsec and You

Langsec attempts to solve specific vulnerability classes caused by specially crafted user input being accepted by an application that has an undesired or unintended effect. Langsec and You will describe many of these vulnerability classes specifically focusing on XSS and SQL Injection due to their prevalence and relevance to the audience. We will dive into exactly why these vulnerability classes exist and how to use langsec to help solve them. This will involve a brief introduction or refresher to formal language theory before concluding with a survey of some of the tools available to start implementing langsec solutions for yourself.

Sponsor: Verizon Digital Media Services (http://maps.google.com/maps?q=13031%20W%20Jefferson%20Blvd%20Ste%20900%2C%20Los%20Angeles%2C%20CA)