Chapter Meeting - BNP Paribas

Session: How To Track Down Your Ex(if) :: Adding Jpeg Exif detection to your penetration regiment and learning how to practice Safe (s)Exif

Abstract: We unintentionally distribute GPS data with every photograph, including indoor pictures. This talk will describe a real-world scenario involving remote education site where teachers & students exposed their confidential home address via profile pictures. Two new ZAP & Burp plug-ins will be released to automate the GPS data discovery during normal security assessments. In addition, suggestions for websites to protect their users and to remove the GPS data will also be provided.

Speaker: Jay Ball

Bio: https://www.linkedin.com/pub/jay-ball/0/51b/a0

=============================================

Session: OWASP Speed Talks – Math Kata Demo

Abstract: Math Kata - A term extended from “Code Kata”, which in turn borrowed from Japanese martial art kata concept. A math kata is an exercise which help application security professional horn his/her math and code skill through practices. In this talk, I would like to walk you through one of my favorite Math Kata examples.

Speaker: Yang Li

Bio: http://www.linkedin.com/in/yangli8/en

=============================================

Interested in being an Event Sponsor? : https://www.meetup.com/OWASP-New-Jersey/sponsors/

Looking for (2) Days of Hands on Technical Training? Check out http://www.hacknyc.com

=============================================

The Open Web Application Security Project (OWASP) is a 501(c)(3) (http://www.irs.gov/Charities-&-Non-Profits/Charitable-Organizations/Exemption-Requirements-Section-501(c)(3)-Organizations) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, (https://www.owasp.org/index.php/Category:OWASP_Video) so that individuals and organizations (https://www.owasp.org/index.php/Industry:Citations) worldwide can make informed decisions about true software security risks.

Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. You'll find everything about OWASP (https://www.owasp.org/index.php/About_OWASP) here on or linked from our wiki and current information on our OWASP Blog (http://owasp.blogspot.com/). OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide.