OWASP Cleveland - Event Registration





11:30am - Check-In

12:00pm - Lunch / Networking

1:00pm - Presentation (Bill Sempf)


Next Meeting:

Thursday, April 10th @ 11:30am

@ Hyland Software (Get Directions | Important Parking Info)

Featured Presentation:
Information Disclosure: Looking Beyond Vulnerabilities to Freebies

While the application security community is focused on tools that test for various vulnerabilities, your servers, developers and organization could be giving out valuable details that just makes an attacker's job so much easier - free information. No vulnerability scanner will find the Stack Overflow post with admin credentials, or the 'hidden' file with a test account, or that obscure error message that makes your database barf. Bill will take you through hands on testing that you can try today: finding out about what your applications, servers, networks, and people are telling attackers about your innermost secrets.

About the Presenter: Bill Sempf  (@sempf)

In 1992, Bill Sempf was working as a systems administrator for The Ohio State University, and formalized his career-long association with internetworking. While working for one of the first ISPs in Columbus in ProfilePic20101995, he built the second major web-based shopping center, Americash Mall, using Cold Fusion and Oracle. Bill’s focus started to turn to security around the turn of the century. Internet driven viruses were becoming the norm by this time, and applications were susceptible to attack like never before. In 2003, Bill wrote the security and deployment chapters of the often-referenced Professional ASP.NET Web Services for Wrox, and began his career in pen testing and threat modeling with a web services analysis for the State of Ohio.

Currently, Bill is working as a security-minded software architect specializing in the Microsoft space. He has recently designed a global architecture for a telecommunications web portal, modeled threats for a global travel provider, and provided identity policy and governance for the State of Ohio. Additionally, he is actively publishing, with the latest being Windows 8 Application Development with HTML5 for Dummies.