White-Hat Web Security of the Bay Area

Network security has made some major advances in the past couple decades, so much so, that is has become incredibly difficult to attack a well secured network perimeter as a means of accessing the data and systems contained therein. So it’s no wonder that malicious users have begun pursuing other avenues and skirting the perimeter defenses all together. From the attacker’s standpoint, breaching a network is all about economics and ROI. It just doesn’t make sense to mount an attack that will cost substantially more time and resources, when an easier path presents itself. How has this become possible? It’s simple, network defenses generally work in a very binary fashion; either a user is allowed access, or they are not. So when an administrator makes the decision to allow anonymous traffic into the network on port 80, they are inadvertently creating a tunnel through the perimeter defenses. This alone would not be an issue, but unfortunately, layer 7 has not received the same level of attention from the security industry as its layer 3 counterparts. With the majority of traffic on port 80 going unchecked, it makes far more sense to target the web servers behind the network as a primary entry point. Once a successful breach has occurred, the attacker can then utilize the compromised web server as a jumping point to the other systems within the network (completely bypassing perimeter defenses).

This group is intended to bring security conscious IT professionals together to both learn and discuss various topics as they relate to layer 7 security, and specifically Web Security. Events in this group will range from educational sessions, penetration testing tutorials, hacking demonstrations, hacking competitions and challenges, discussion panels, and hands on workshops. The content of the events will also range from advanced to beginner, the designation of which will be posted in the event description.

The primary audience for this group is web developers, but the information presented should be useful to a wide range of professionals. Advanced sessions are more likely to be code heavy and technical in nature, while beginner sessions will be higher level and focus more on concepts instead of examples and techniques.

Join us
Who do I know here?
Join us and be the first to know when new Meetups are scheduled
Log in with Facebook to find out
By creating a Meetup account, you agree to the Terms of Service

Learn to hack, Learn to protect.

Join and suggest a new Meetup

  • There are no upcoming Meetups

    Join us to be notified!
    Join us

Recent Meetups

  • May 12, 2012 · 6:00 PM

    Socializing and Security

    5 White-Hats

    It's been a while since the last meetup, and even though I don't necessarily have a good topic for this one, I figured it was about time.  So I'm proposing a social... Learn more

  • January 19, 2012 · 6:00 PM

    Security Discussion and Dinner at Amendment 21

    11 White-Hats | 4.00 4.001

    January is kind of a crazy month with everyone getting back into the swing of things after the holidays, so I figured we could do something a little lighter this time... Learn more

  • December 17, 2011 · 4:00 PM

    Introductions

    11 White-Hats | 4.00 4.001

    Our first meetup event will be the 17th of December (although if other dates are more preferable, please let me know).  While the start and end times are flexible, the... Learn more
See all past Meetups

What's new

  • New Member
    Sasha Sasha joined
    6 days ago
    Sasha
    "Student"
  • New Member
    Benjamin Drasin Benjamin Drasin joined
    May 8
    Benjamin Drasin
    "I'm a programmer who has been doing a lot of work in the area of digital security over the last three years. Am interested in learning more about the field and finding out what people are doing."
  • New Member
    Rajat Rajat joined
    April 25
    Rajat
    "Bio"
  • New Member
    KiDo KiDo joined
    April 25
    KiDo
    "I know nothing about hacking , and I'm trying to learn everything , all I wanna be is real white hat hacker."
  • New Member
    hip hip joined
    April 21
    hip
    "Hi , I'm security Researcher and pentester , I like pursue new skill. I always collect about security news in http://insight-labs.org/wiki/"
  • New Discussion
    Paul West Jauregui Paul West Jauregui started Job Opportunity: Security Consultant (Manager) at Praetorian — San Francisco area
    April 9
    Paul West Jauregui

    "Learn more and apply here: http://lnkd.in/FiUXRP... Job Description [url=http://w..."

    Read more…
  • New Member
    Paul West Jauregui Paul West Jauregui joined
    April 9
    Paul West Jauregui
    "Dedicated to helping the world's leading companies achieve risk management success."
  • New Member
    Lee Lee joined
    March 30
    Lee
    "I’ve been involved (at work & at play) in the information security field for many years. My interests include: Live OS - MS Windows, Linux & GNU, BSD, OS-X, Android, Embedded OS Technologies, Application Whitelisting, polymorphic Behavior & others."
  • New Member
    Sankar Sundarapandian Sankar Sundarapandian joined
    March 15
    Sankar Sundarapandian
    "I work with Adobe in the Flash Player security team. I have been fascinated by security for 3 years now and am looking forward to sharing and gathering some security knowledge."
  • New Member
    Abhijeet Prabhune Abhijeet Prabhune joined
    March 8
    Abhijeet Prabhune
    "Technology Evangelist."
More activity
 

Our Sponsors

Mykonos Software

Location and funding for events.

People in this
Meetup are also in:
103,858,611 RSVPs!
hide

Log in

Not registered with us yet?

Forgot your password?

or

Sign up

Meetup members, Log in

or
By clicking the "Sign up using Facebook" or "Sign up" buttons above, you agree to Meetup's Terms of Service