Export or edit this event...

Application Security using OWASP

Thetus Corporation
34 NW 1st Ave
Portland, Oregon 97209, United States (map)




Application security is a moving target, but the Open Web Application Security Project (OWASP) is here in Portland to help you write and deploy applications securely. Speakers James Bohem and Tim Morgan will walk you through all of the free resources made available by OWASP to developers, application architects, and information security professionals.

As an example of how OWASP can help, we'll present some of the finer points of secure web session management, covering the variety of attacks on SSL-protected web traffic if sites are not configured properly. We'll touch on cookies, state management, SSL and some common problems and solutions.

Q&A will follow. Pizza and beverages will be served.


James Bohem manages the security program at WebMD Health Services, which includes a large web-based application with millions of users, as well as other security technologies and risk management for a 400+ person division of WebMD in Portland. James has 15 years in security consulting with a focus on application security, design and technical compliance with a range of regulations and standards. In addition, he has experience developing large distributed applications, microkernels, the UNIX kernel, and international software systems for open systems.

Tim Morgan has been taking deep technical dives in security for over a decade as an application security specialist and vulnerability researcher. Tim resides in Oregon and works as VSR where he helps to secure his customers' environments through penetration testing, training and forensic investigations. Tim also develops and maintains several open source digital forensics tools, including Bletchley, an application cryptanalysis toolkit.