The January meeting of OWASP Boston is Wednesday, 6:30 p.m., at Akamai Headquarters -- 150 Broadway, on the 2nd floor.
Akamai CSIRT's Patrick Laverty will give a talk called "How a Hacker Views Your Web Site."
Laverty offered these details of the talk:
As defenders, we have to be right 100 percent of the time where an attacker only needs to be right once. The attack surface of a modern web site is incredibly large and we need to be aware of all of it. Additionally, individual attacks may not always be effective but sometimes using them together can gain the desired effect. In this talk, we'll take a look at the whole attack surface for a typical web site and the various ways that an attacker will use to compromise a site.
Laverty gave this presentation at the Boston Application Security Conference (BASC) in October, and it was well received.
Boston OWASP (The Open Web Application Security Project) meetings happen the first Wednesday of each month, usually at Akamai headquarters.
You can also watch Laverty deliver a talk on the differences between vulnerability management and penetration testing here.