The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. To sign up for future meeting notes and to discuss security topics with local gurus, sign up on the OWASP Portland mailing list: https://lists.owasp.org/mailman/listinfo/owasp-portland

About Joe

This chapter meeting feature guest speaker Joe Basirico, Director of Security Services at Security Innovation. Joe is responsible for managing the professional services business at Security Innovation. He leverages his unique experience as a development lead, trainer, researcher, and test engineer to lead the security engineering team in their delivery of high-quality, impactful assessment and remediation solutions to the company’s customers. His ability to blend his technical skills with risk-based contextual analysis and unwavering customer commitment makes him an invaluable asset for each Security Innovation client.

Joe is an active member in the security and open-source communities, having contributed technology, training, utilities, expertise and methodologies. He manages the company’s engineering blog and has written several publications that focus on vulnerabilities at the source code level. Joe holds a B.S in Computer Science from Montana State University.

About the Talk - Thinking Like the Enemy

In this talk I will help you get into the Hacker's mindset from my ten years of experience as a penetration tester, assessing some of the most exciting applications in the world.

This talk will cover the most important qualities of a hacker or security tester, Top Vulnerabilities that you can't afford to miss as well as more difficult to tackle vulnerabilities that have caused tons of headaches and pain. By the end of the hour you'll better understand how to cause your application true pain, find a tiny weakness and cause the walls of security to crumble around it. After that we'll also talk about how to rebuild those walls to be more robust.