WebAppSec: Difference between revisions

← Older edit

WebAppSec (view source)

Revision as of 19:39, 20 August 2012

1,168 bytes added , 20 August 2012

→‎Mozilla Web Application Security

Mfuller

24

edits

@@ Line 15: / Line 15: @@
 [[WebAppSec/Security_Review_Request|Security Review Request]]
+[[WebAppSec/Wordpress_Security_Review_Process|Wordpress Theme or Plugin - Security Install Process]]
+==Filing a Web Security Bug==
+For instructions regarding the use of Bugzilla to file a web security bug, visit: [[WebAppSec/Filing_In_Bugzilla|Filing a Web Security Bug in Bugzilla]]
 == Presentations  ==
 Infrastructure security will be presenting on various security topics on a regular basis. These courses are free and open to anyone that would like to attend.  For those that are remote, please join us on air.mozilla.org to remotely watch the presentation.
-===Schedule===
+===Schedule-2012===
+===Schedule-2011-Archive===
 ===='''April 23, 2011 - Stanford Open Source Bootcamp'''====
 * Topic: Securing Web Applications through Hands On Security Hacking
@@ Line 47: / Line 55: @@
 * 10 minute online video - [http://www.youtube.com/watch?v=pypTYPaU7mM&feature=channel_video_title  Injection Attacks]
 * Archived [http://www.slideshare.net/michael_coates/sql-injection-mozilla-security-learning-center Slides]
-===='''August 24, 2011 - CEF Logging for Attack Aware Applications'''====
-* Topic: Implementing CEF logging to improve the security of web based applications
-* Time: 12pm-1pm Pacific
-* Location: Mountain View (10 Forward)
-* Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org]
-* Archived Video , Slides - Will be available after the session
 ===='''August 25, 2011 - OWASP Bay Area Chapter Meeting '''====
@@ Line 59: / Line 60: @@
 ** 6:00 PM - 6:30 PM .............Check-in, registration, networking
 ** 6:30 PM – 6:35 PM ........... Welcome Remarks/Agenda - Mandeep Khera
-** 6:35 PM - 7:45 PM ............ Enabling Browser Security in Web Applications- Michael Coates, Mozilla Foundation
+** 6:35 PM - 7:45 PM ............ Enabling Browser Security in Web Applications- Michael Coates, Mozilla
 ** 7:45 PM – 8:30 PM…......... Blackhat spam SEO - Julien Sobrier, Zscaler
 * Time: 6pm-9:30pm Pacific
@@ Line 65: / Line 66: @@
 * Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org]
 * RSVP Required (for in person) [http://www.regonline.com/owaspsiliconvalleychaptermeeting RSVP Here]
+===='''September 21, 2011 - CEF Logging for Attack Aware Applications'''====
+* Topic: Implementing CEF logging to improve the security of web based applications
+* Time: 12pm-1pm Pacific
+* Location: Mountain View (10 Forward)
+* Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org]
+* Archived Video , Slides - Will be available after the session
+===='''December 5, 2011 - Cross-Site Request Forgery and other cross domain technologies'''====
+* Topic: Dealing with CSRF, the talk will also cover Cross-Origin Resource Sharing and the postMessage API
+* Time: 12pm-1pm Pacific
+* Location: Mountain View (10 Forward)
+* Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org]
+* Archived Video , Slides - Will be available after the session
+===='''December 14, 2011 - What You See and What You Get - An Attacker's perspective'''====
+* Topic: The talk covers how an attacker views a software system, how that differs from more common perspectives and what that teaches us about how to make secure products
+* Time: 5-6pm GMT
+* Location: Adsetts Learning Center (room 6619), Sheffield Hallam University, UK
+* Remote Participation: No
+* Archived Video - to be made available soon
 ====Future Topics====