August 2015 - Developer's Guide to Pentesting

Meeting Topic

Developer’s Guide to Pentesting


For the last several years, Bill has taken his twenty years of web development experience to application pentesting. Although he didn’t have a televised event to announce ‘the decision,’ he has gathered a vast collection of the real problems he has discovered in the majority of applications that he has tested. Reflected XSS, injection of all types, and privilege escalation are rampant, and that is only the beginning. What’s more, he hasn’t tested an application yet that had sufficient protection to keep him from breaking in and causing havoc. Come hear what they are, how they intersect with the OWASP Top 10, and what you can say to your developers to make the problems go away.

Speaker – Bill Sempf

Bill Sempf is a software security architect. His breadth of experience includes business and technical analysis, software design, development, testing, server management and maintenance, and security. In his 20 years of professional experience he has participated in the creation of well over 200 applications for large and small companies, managed the software infrastructure of two Internet service providers, coded complex software happily in every environment imaginable, tested the security of all natures of applications and APs, and made mainframes talk to cell phones. He is the author of C# 5 All in One for Dummies and Windows 8 Programming with HTML5 For Dummies; a coauthor of Effective Visual Studio.NET and many other books, a frequent contributor to industry magazines; and has recently been an invited speaker for the ACM and IEEE, BlackHat, CodeMash, DerbyCon, BSides, DevEssentials, the International XML Web Services Expo and the Association of Information Technology Professionals. Bill also serves on the board of the Columbus branch of the Open Web Application Security Project, and is the Administrative Director of Locksport International.

Pizza/Geek Dinner

Pizza will be provided as a snack during the meeting.


Thursday, 8/27/2015, 6:00 – 8:00pm


Information Control Company
2500 Corporate Exchange Drive
Columbus, OH 43231


Our Sponsorship Policy has changed! Take a look here.

Our Annual Sponsors:

Annual Sponsor - Cardinal Solutions

Annual Sponsor - Improving Enterprises

Our Meeting Sponsors:






Generous thanks to Microsoft for giving us the meeting space.

Our meeting swag sponsors include:


Opportunities to sponsor CONDG are available. For more information please email

We’re Moving Our Meeting Location

We have always been very thankful for being allowed to meet each month at the Microsoft Office, but unfortunately for the next few months we will have to move our meeting location while renovations are being done in the Microsoft Office.

We would like to thank our sponsor ICC for graciously offering to provide us a space to host the meetings for the new few months.

Their office is located on the north side of town by I270 and Cleveland Ave.


Information Control Company
2500 Corporate Exchange Drive
Columbus, OH 43231


Please join us for the July 23rd, August 27th, September 24th and October 22nd meetings at the new location!