December 2007

Thursday, December 20, 2007

6:00 - 7:30 PM


Josh More / Alliance Technologies


Web Application Security

Josh More presents an excerpt from SANS 504: Hacker Techniques, Exploits and Incident Handling. We will cover issues like Cross Site Scripting (XSS) and SQL Injection, with examples in a Ruby on Rails application.

Josh More has fourteen years of experience in IT, and seven years working in Security. He has designed, developed, and implemented distributed Linux-based secure products. He has also been the lead for all technical security matters -- ranging from incident handling to prevention -- in multiple companies. From a business perspective, he has consulted on security policy, vulnerability analysis, and strategy. He will be teaching a SANS security course in Des Moines in January 2008.

Meeting Location

Alliance Technologies
400 Locust Street, Suite 840
Des Moines, Iowa


  1. Park at the ramp at 4th and Grand, or drive around and find a spot on the street. (ramp parking costs $, street parking is free after 6).
  2. Come into the capital square building and take the escalator to the 2nd floor.  (If you come in via the skywalk, you will already be on the second floor.)
  3. Walk around to where the elevators are, sign in, and take an elevator to the 8th floor.
  4. Walk towards the near wall, turn left and cross the little bridge.  (The big bridge is the wrong way).
  5. Take the first left after you exit the small bridge.  Do not turn left until after you have crossed the bridge.

We are in a conference room on the left, after you pass several rooms and cubes.  Generally, you can just follow the noise.

If you get lost, call Josh More at: 515-245-7701

Map (Alliance Technologies)

Dinner After the Meeting

If you can, please plan to join us for dinner at a local restaurant after the meeting.