A day at OWASP Conference

September 8, 2008 - 02:10 — Deepak.Srivastava

The CiviCRM India team had an opportunity to attend the OWASP conference in New Delhi. It was a two-day conference, but we (Kurund, Sunil and I) decided to attend the second day's training/workshops just to stay away from theoretical lectures. We landed in Delhi on the evening of day 1 to avoid any last-minute rush, and we realized the temperature in Mumbai was much better, Delhi being a bit hot. We had a booking at the Ginger Hotel - value for money, I must say :). The next day, on a cool morning, we took a rickshaw to Habitat Center (the venue) and made it exactly on time, but the lectures for some reason started an hour late, which was a bit disappointing. The workshops that we decided to attend (based on the lecturers' profiles) were:
1. Application Security Assessment (Threats and Exploits) and
2. Web 2.0 Security

In Application Security Assessment we had sessions on: the web security industry, attacks and trends, a few security incidents/breaks, the change in the attack trend, next-generation attacks (SQL injection, parameter tampering, etc.), the security cycle, the root cause of vulnerabilities (programming errors 64%, and misconfiguration and other problems 36%), various entry points, tracing, URL misinterpretation, handler mismatch, directory browsing, information leakage from errors, MySQL errors, source code disclosure, malicious code injection, server-side code injections, SQL injection/poisoning, XSS, CSRF, session hijacking, and injecting fault.

The Web 2.0 Security session included: a Web 2.0 overview, the Web 2.0 attack surface, CSRF, XSS, security-critical areas, and error handling and logging. Discussion mostly revolved around AJAX, which could be the next popular attacking platform.

All discussions were general and didn't target any specific projects (like flaws in open source projects, etc.), but it is very certain that at least 4 out of 10 would apply to your project. We really liked the examples/tricks that were shown, though of course a few looked outdated/old. No doubt security assessment will soon be a major part of the development cycle. Attending this session has at least improved/changed my way of looking at web applications :).
