![[UNIGROUP_of_New_York_Inc_Unix_Linux_BSD_Users_Group_NYC]](unigroup_of_new_york_unix_linux_bsd_users_group_nyc.gif)
UNIGROUP GENERAL MEETING
MEETING INTRODUCTION
Please note our September meeting is a Special 3rd TUESDAY meeting.
For our September 2013 meeting, Unigroup is pleased to have Mordecai Kraushar, from OWASP NYC, presenting OWASP Web Security Projects and OWASP's BWA Tool. We hope to learn about OWASP, local OWASP chapters and meetings, OWASP Projects and details concerning the OWASP BWA Tool.
See below for Unigroup's list of scheduled meeting topics for Sep/Oct/Nov/Dec 2013 and January 2014.
Pre-Meeting Topic / Special Guests:
Oracle Solaris DTrace Engineers are in-town and will be give us
an update on DTrace. 2-3 Senior Members of the Solaris DTrace
Engineering Team will provide a brief overview of how DTrace
and system observability tools have evolved and are continuing
to evolve within the Oracle Solaris ecosystem. We also hope to
learn how DTrace can be used to diagnose Web Application and
Security Issues (the main focus of our meeting) and how it can
be used towards understanding and isolating root-cause and
systems performance issues. DTrace, kstat, CLI stat tools,
and core stat store may be discussed.
SPECIAL INSTRUCTIONS:
---------------------
Most Unigroup meetings are open to the public!
To REGISTER for this event, please RSVP by using the
Unigroup Registration Page.
This will allow us to automate the registration process.
(Registration will also add you to our mailing list.)
Please avoid emailed RSVPs.
Please continue to check the Unigroup web site and THIS page,
for any last minute updates concerning this meeting. If you
registered for this meeting, please check your email for any last
minute announcements as the meeting approaches. Also make sure
any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic!
If you block Unigroup Emails, your address will be dropped from
our mailing list.
Also, if you have an interest in Unigroup, be sure to receive
Unigroup information DIRECTLY from Unigroup, via direct receipt
of Emails and by visiting the Unigroup Web Site. NO OTHER SOURCE
provides timely, accurate and complete Unigroup information.
Please RSVP as soon as possible, preferably at least 2-3 days
prior to the meeting date, so we can plan the food order.
RSVP deadline is usually the night before the meeting day.
Note: RSVP is requested for this location to make sure the guard
will let you into the building. RSVP also helps us to
properly plan the meeting (food, drinks, handouts,
seating, etc.) and speed up your sign-in at the meeting.
If you forget to RSVP prior to the meeting day, you may
still be able to show up and attend our meeting, however,
we cannot guarantee what building security will do if
you are "not on the list".
DIRECTIONS
Location:
The Cooper Union (http://www.cooper.edu)
School of Engineering (*** New Building ***)
41 Cooper Square (3rd Avenue @ 7th Street, between 6th & 7th Streets)
East Village, Manhattan
New York City, 10003
Meeting Room: ** (See Above, Room May Change Month-to-Month)
Located on the East side of Cooper Square. Look for the
new building with the non-traditional appearance.
Entrance is at the corner of 3rd Avenue and 7th Street.
Building lobby sign-in is required at the guard's desk.
Enter the building, check in with the guard at the lobby for
directions to the Unigroup Meeting Room.
Nearest mass transit stations are:
'6' to Astor Place (stops right at The Cooper Union),
then walk 1 block East and 1 block South.
'R' to 8th Street, then walk about 2 blocks East
then 1 block South.
'4/5/6/R/N/Q' to Union Square, then walk South and East.
'B/D/F/V' to Broadway-Lafayette, then walk North and East.
Or take the new connection to the uptown '6'!
Free street parking in the area becomes available at 6pm.
There are also parking lots on Broadway, at (or just south of)
Astor Place (8th Street).
PRESENTATION OUTLINE
Topic: OWASP Web Security Projects, and, OWASP BWA - When bad PHP apps are good.
Introduction & Description of Talk:
The OWASP Broken Web Application (BWA) Project has several PHP applications that show you how 'not to do it" and is a useful OWASP project for those who want to 'know evil'. The BWA project is just one of many projects from Open Web Application Security Project (OWASP), an organization focused on improving the security of software.
(from the BWA Project page): The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:
The OWASP BWA Project Page: https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
Outline of the Talk:
(to-be-announced)
References & Web Resources:
OWASP.org:
http://www.owasp.org
OWASP NYC Meetings:
http://www.meetup.com/OWASP-NYC/
Slashdot Article: OWASP Top 10 2013 Released:
http://it.slashdot.org/story/13/06/13/175209/owasp-top-10-2013-released
OWASP AppSec USA NYC Conference - November 18-21, 2013:
http://www.appsecusa.org
SPEAKER BIOGRAPHY
(to-be-announced)
COMPANY BIOGRAPHY
(from the OWASP.ORG web page): The Open Web Application Security Project (OWASP) is a worldwide not-for-profit organization focused on improving the security of software. OWASP's mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
There are local OWASP chapters covering the NYC-Metro and Long Island regions.
For further information, please visit: http://www.owasp.org.
GIVEAWAYS
Addison-Wesley Professional/Prentice Hall PTR, and O'Reilly have been kind enough to provide us with review copies of some of their books, which we will continue to raffle off as giveaways at our meetings. The publishers always ask that the persons receiving the books provide a review and/or feedback about their books.
Unigroup would like to thank both companies for the support provided by their User Group programs.
As always, all of the books will be available for review at the start of the meeting.
Also, SuSE has also provided us with SuSE Linux SLES and SLED Install Media. We gave out SuSE Linux Media at our last meeting and have more DVDs for upcoming meetings. (We hope to have SuSE presenting Linux High Availability and Clustering at an upcoming meeting.)
FEE SCHEDULE
Unigroup is a Professional Technical Organization and User Group, and its members pay a yearly membership fee. For Unigroup members, there is usually no additional charges (ie. no meeting fees) during their membership year. Non-members who wish to attend Unigroup meetings are usually required to pay a "Single Meeting Fee".
Yearly Membership (includes all meetings): $ 50.00
Student Yearly Membership (with current! ID): $ 25.00
Non-Member Single Meeting: $ 20.00
Non-Member Student Single Meeting (with! ID): $ 5.00
* Payment Methods: Cash, Check, American Express.
! Students: We are looking for proof that you are
currently enrolled in classes (rather than working
full-time), and as such, your Student ID should show
a CURRENT date. We have been presented Student IDs
containing NO dates whatsoever, and in the
current environment, perpetual/non-expiring access
to university facilities just does not feel right.
If your ID contains no date, please bring
additional proof of current enrollment. Thanks.
NOTE: Simply receiving Unigroup Email Announcements does NOT indicate membership in Unigroup.
Members: Remember to bring your membership card with you to the meeting, to confirm your yearly renewal date!
FOOD AND REFRESHMENTS
Complimentary Food and Refreshments will be served. This includes "wraps" such as turkey, roast beef, chicken, tuna and grilled vegetables as well as assorted salads (potato, tossed, pasta, etc), cookies, brownies, bottled water and assorted beverages.
Please join us for this meeting, you won't want to miss it!
Webmaster (unilist