OWASP Bay Area Meeting – June 25th 2008

Prompted by James, I signed up a little while ago to the OWASP Bay Area chapter, keen to learn more about application security, both in hardening OpenSSO and Access Manager and in how those projects/products can contribute to securing applications. Well, whaddya know, the next meeting is a half day Application Security Summit at the Microsoft facility in Mountain View next Wednesday, when I’ll be out of town. Keen as I am to attend OWASP, I think the Jazoon folks would be a little upset if I didn’t show up for my session on OpenSSO, so I’ll have to be content with encouraging folks in the Bay Area to attend – all the details are here and, apparently, space is limited, so if you’re interested, sign up now!

2 Replies to “OWASP Bay Area Meeting – June 25th 2008”

  1. James:

    GM is asking for Sun’s solution and progress in defining solutions for OWASP for J2EE applications. Can you share more information on how OpenSSO Enterprise 8 is addressing OWASP vulnerabilities?


  2. Hi Mark,

    I assume you meant to address me (Pat) instead of James 🙂

    As it happens, we’ve just appointed an architect on the OpenSSO team to oversee security issues – watch Rajeev’s blog – http://blogs.sun.com/rangal/ – for more on the topic.

    While OWASP has some relevance to OpenSSO’s security (as OpenSSO is itself a Web application), and OpenSSO can help make apps more secure in enforcing access management policy, as far as I can see, the main lesson from OWASP is that you CAN’T sprinkle on magic security dust – you still have to secure your Web app.

Leave a Reply

Your email address will not be published.