You are cordially invited to the Gateway JUG's next meeting on February 2nd, 2010. The meeting topic will be, "The 10 Most Critical Web Application Security Risks"
In case you missed our January meeting, you need to know ...
Beginning
in 2010, the Gateway JUG has teamed up with the Gateway Groovy Users
Group to bring you Groovy, Grails and Java at the same place, on the
same night.
Dave Klein, author the the Pragmatic
Programmer's book, "Grails: A Quick-Start Guide" is heading up the
Gateway Groovy Users group.
For more than a year, we at the
Gateway JUG have been stressing the importance of your beginning the
process of learning Groovy and Grails.
Groovy is Java's dynamic
language cousin. Groovy classes compile to JVM bytecode and run in the
JVM alongside Java classes. Groovy classes can call Java classes
directly and Java classes can call Groovy classes directly. Of course,
Java can't "see" dynamic methods on Groovy classes and can't take
advantage of all of Groovy's features. Still, the interoperability
between the two is very high, particularly when leveraging existing
Java code and APIs in Groovy.
Grails is to Groovy what Struts
and JSF are to Java; that is, Grails is Groovy's web framework. Because
Grails leverages the power of Groovy's dynamic language features, it
does far more elegantly than Struts or JavaServer Faces does, but in a
distinctly more elegant way. However, Grails builds on a stack of
proven Java technologies, like Hibernate, Spring, SiteMesh, Log4J, and
more. Grails uses the best of what Java and Groovy have to offer.
Several
large Java shops in town are already using Groovy in some way or
another, and at least one has multiple Grails projects underway.
So
starting last month, the Gateway Groovy Users group now meets from
6:00pm - 7:00pm on the first Tuesday of the month in the same location
as the Gateway JUG meets. The Gateway JUG meeting will then commence at
7:00pm. We'll share the same meeting location, date, and sponsor. We'll
wrap up at 8:30pm.
Learn more about the Gateway Groovy Users Group and the February 2nd meeting at http://gatewaygroovy.org/.
Now about our Gateway JUG meeting which will start at 7:00pm following the Gateway Groovy Users group meeting that starts at 6:00pm...
The February Gateway JUG meeting topic will be, "The 10 Most Critical Web Application Security Risks"
In this talk, we'll cover the new 2010 top 10 list published by the Open Web Application Security Project (OWASP). Through a combination of code, example scenarios, and demonstrations, you'll meet the top 10 web app security risks, including:
- Injection Flaws
- Cross Site Scripting (XSS)
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross Site Request Forgery (CSRF)
- Security Misconfiguration
- Failure to Restrict URL Access
- Invalidated Redirects and Forwards
- Insecure Cryptographic Storage
- Insufficient Transport Layer Protection
To RSVP, please follow the instructions at http://www.gatewayjug.org/rsvp-instructions.html which have recently changed.
The important part of the instruction update is that we're now using Meetup.com for our RSVPs. To RSVP, please visit http://www.meetup.com/GatewayJUG
and register to attend. Your e-mail address will be requested so that
we may contact you in the event of a meeting cancellation or important
update. (This time of year, having a way to reach you is especially
important.)
Note: To RSVP for the Gateway Groovy Users group
meeting that precedes our meeting (and you really should attend it!),
please visit http://www.meetup.com/GatewayGroovyUsers/
To RecapThe
Gateway JUG meeting will start at 7:00pm on February 2nd and will
immediately follow the meeting of the Gateway Groovy Users Group
meeting that will start at 6:00pm. I strongly encourage all of you to
attend both meetings; the extra 30 minutes over our old 2 hour format
will be well worth it!
Speaker: Jack Frosch
Sponsor: TekSystems
Meeting Notes: TBA
