Kansas City March 2007 Meeting

The OWASP Kansas City chapter meeting in March 2007 was held from 6:30 to 8:30 pm on 3/7/2007. The location of the meeting was at the local Microsoft office in Corporate Woods in Overland Park (10801 Mastin Blvd, Suite 620).

Meeting Summary
Dave Ferguson started the meeting with a welcome and brief overview of OWASP. Membership options were described as well as the upcoming Spring of Code 2007 campaign where OWASP will be offering cash payouts to individuals for a variety of different approved projects. Everyone at the meeting then introduced themselves to the group.

Our first speaker was Tom Stripling from Security PS. Tom's topic was advanced script injection. He presented a variety of clever and interesting ways that attackers can take advantage of vulnerabilities and hinted as some nasty worm-like attacks that could start appearing in the future.

Following a break, Rohini Sulatycki from VML had a very informative presentation about the security issues around Adobe Flash. Rohini discussed the growing popularity of Flash and some vulnerabilites that existed in previous versions. Special attention was given to the importance of understanding Flash Remoting and Shared Objects.

The evening ended with a couple of book giveaways. Microsoft provided the group with two copies of Writing Secure Code (2nd Edition) by Michael Howard and David LeBlanc. Two lucky attendees went home with a copy.

Documents
[[Media:KC_Mar2007_Advanced_Injection_Attacks.zip|Advanced Injection Attacks]] (ppt within a zip) [[Media:KC_Mar2007_Flash_Security.pdf|Adobe Flash Security]] (pdf)