owasp london chapter meeting 27th july 2017
play

OWASP London Chapter Meeting 27th July 2017 London Chapter - PowerPoint PPT Presentation

Sep 13, 2022 •242 likes •564 views

OWASP London Chapter Meeting 27th July 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon &

  1. OWASP London Chapter Meeting 
 27th July 2017

  2. 
 London Chapter Chapter Leaders: • Sam Stepanyan (@securestep9) • Sherif Mansour (@kerberosmansour) 
 Chapter Events: • Chapter Meetings at least once every 2 months • Hackathon & CTF - once a year • Workshops - launching in August - hopefully monthly!

  3. Staying in Touch 
 OWASP London Join The OWASP London Mailing List: http://lists.owasp.org/mailman/listinfo/owasp-london Follow us on Twitter “Like” us on Facebook 
 @ owasplondon https://www.facebook.com/OWASPLondon Slack : owasp.slack.com #chapter-london Watch us on YouTube : YouTube.com/OWASPLondon OWASP London Provisional Dates of future meetings: Visit OWASP London Chapter webpage 28 September 2017 https://www.owasp.org/index.php/London

  4. Live Stream We are LIVE STREAMING THIS EVENT: facebook.com/OWASPLondon

  5. Agenda • Networking, pizza & drinks • Welcome and OWASP Update - Sam Stepanyan & Sherif Mansour • So you thought you were safe using AngularJS? Think again! - Lewis Ardern • Lightning Talk: OWASP Summit 2017 Outcomes - Dinis Cruz Sherif Mansour 
 - - - - - - -- - - - - break - - - - - -- - -- - -- - -- - -- - -- - - -- - -- - - • Introducing the OWASP ModSecurity Core Rule Set (CRS) 3.0 - Dr. Christian Folini • Wrap up • Networking & Beer - The Viaduct Tavern

  6. OWASP • We are a Global not-for-profit charitable organisation • Focused on improving the security of software • Vendor-Neutral Community • Collective Wisdom of the Best Minds in Application Security Worldwide • We collaboratively develop and provide free tools, guidance, standards • All meetings are free to attend (* free beer included )

  7. Worldwide • Over 200 local Chapters around the world

  8. UK Chapters • Belfast • Birmingham • Bristol • Cambridge • Leeds • London • Manchester • Newcastle • Royal Holloway (inactive) • Scotland • Sheffield • Suffolk

  9. Become a Member We are all VOLUNTEERS! (45,000 worldwide)

  10. Membership $50/year!

  11. Member Benefits ➡ Support Ethics & Principles of the OWASP Foundation ➡ Underscore your awareness of Application Security ➡ Increase your value, knowledge and expand your skills, network with professionals who share similar concerns, interests and goals, collaborate on projects ➡ Get exclusive discounts on AppSecEU/USA and many other Global CyberSecurity Conferences & events ➡ Donate to your local Chapter and Projects $50/year! ➡ Get an @owasp.org email address ➡ VOTE on issues that shape direction of OWASP community

  12. OWASP Member If you are a member already 
 - collect this sticker from the Chapter Leaders

  13. OWASP Corporate Members

  14. Premier Members Premier members (donate $20,000/year):

  15. London Chapter Supporters 


  16. OWASP Books 16

  17. Standards and Guidelines

  18. OWASP Top 10 2017 RC • RC1 of the OWASP Top 10 2017 has been rejected • A1, A2, A3, A4, A5, A6, A8, A9 have been left untouched by consensus view • Requirement to choose two additional items • Appeal for data and opinion is open until August 25, 2017 (github.com/OWASP/Top10) • The new OWASP Top 10 2017 is to be released late November 2017.

  19. OWASP Tools - ZAP

  20. OWASP JuiceShop * juice-shop v4.2.0 * juice-shop-ctf v1.2.0

  21. WASPY Awards Best Community Supporter (3 way tie): 
 • Dinis Cruz • Jeremy Long • Nicole Becher Best Mission Outreach: • Mark Miller Best Innovator • Seba Deleersnyder

  22. Girl Hacker? • Learn more about AppSec • Participate & Contribute in OWASP as Members and Leaders • Speak at OWASP events and AppSec conferences • Make Connections with like-minded women locally & globally • Develop Thought Leadership • Train and mentor all interested women in AppSec • Grow Your Careeer

  23. Women In AppSec Tanya Janca - WIA Chair 
 OWASP Ottawa Chapter Leader @shehackspurple

  24. AppSecUSA 2017

  25. All Day DevOps Join us on October 24, 2017

  26. OWASP Board Elections Candidates announced - August 7, 2017 Interviews: August 9 - September 1, 2017 Voting opens - October 9, 2017 Voting closes - October 31, 2017 Results Published - November 7, 2017

  27. Sherif Mansour Questions for Candidates:

  28. Present Your Talk Call For Speakers For Future Events Do you have a great Application Security Related Talk? 3 Tracks: • Breakers Submit the abstract of your talk and your bio to: • Defenders owasplondon @ owasp .org • Builders

  29. OWASP Summit 2017 


  30. Talk Time! • Lewis Arden • Sherif Mansour • Dr. Christian Folini

  31. 
 Thank You! Speakers: 
 Hosts for this event • JUST EAT • Lewis Arden • Dinis Cruz Sherif Mansour • Christian Folini All slides will be published on OWASP.ORG and video recordings will be on OWASP London YouTube channel in a few days • Attendees (you!)

  32. Pub Time! • Networking and Drinks at: • The Viaduct Tavern • 26 Newgate Street, EC1A 7AA

Recommend

OWASP London Chapter Meeting 30th March 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 30th March 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 30th March 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Keeping In Touch: Join the OWASP London mailing list Follow

917 views • 23 slides
OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon

424 views • 29 slides
OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon

381 views • 35 slides
OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation

OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation

The OWASP Foundation Libre Software Meeting Brussels 10-July-2013 http://www.owasp.org OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation Board Member OWASP Belgium Chapter Leader SAMM project

682 views • 43 slides
Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017

Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017

Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017 Changes between 2013 and 2017 Hi, I am X. How do I get into AppSec/Security? OWASP Toronto Chapter January 17, 2018 Topics Overviews, Career Paths,

372 views • 36 slides
OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources

OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources

OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources 3. Setting up workstations 4. OWASP WebScarab/OWASP WebScarab-NG 5. O2 Platform About me In London since October 2010 Before that MCPD, MCTS,

747 views • 58 slides
Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

OWASP Dependency-Check Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec OWASP Geneva Board State of Geneva @thhofer thomas.hofer@owasp.org Outline Context How it works / Integration

335 views • 9 slides
UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is OWASP? Open Web Application Security Project Non-profit organization focused on improving security of software. They have some GREAT info on

372 views • 9 slides
Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter

Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter

Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter Leader OWASP DevSlop Project Leader @SheHacksPurple About Me The Im Qualifed Slide Tanya Janca: Applicaton security evangelist, web

1k views • 82 slides
OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place

OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place

OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place where (some of ) the best Application Security and OWASP minds come together to collaborate and work a meeting of minds focused on solving

770 views • 37 slides
New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200

New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200

New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200 OWASP Flagship Projects Tool Projects OWASP Amass OWASP CSRFGuard OWASP Defectdojo OWASP Dependency-Check OWASP Dependency-Track

751 views • 55 slides
OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our

OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our

OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. OWASP Foundation, NYC Chapter

382 views • 23 slides
Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me

Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me

Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me David Johansson (@securitybits) Security consultant with 10 years in AppSec Helping clients design and build secure software Develop

613 views • 32 slides
OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com

OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com

Introduction to the OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com OWASP-Wellington/ http://hack-ed.com www.owasp.org.nz Recordings: @kirkj @owaspnz https://goo.gl/a2VSG2 What is OWASP? Open

880 views • 45 slides
Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web Security Risks https://github.com/OWASP/Top10/blob/master/2017/OWASP%20Top%2010-2017%20(en).pdf Today

998 views • 78 slides
SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017

SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017

SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017 Rank Name 1 Injection 2 Broken Authentication 3 Sensitive Data Exposure 4 XML External Entities 5 Broken Access Control 6 Security

682 views • 8 slides
Web Attacks Nadia Heninger and Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten

Web Attacks Nadia Heninger and Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten

Web Attacks Nadia Heninger and Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web Security Risks https://github.com/OWASP/Top10/blob/master/2017/OWASP%20Top%2010-2017%20(en).pdf Today

916 views • 87 slides
EVERGREENS FORTHCOMING TITLES SUMMER 2017 NEW EVERGREENS 27TH JULY 2017 A TALE OF TWO CITIES

EVERGREENS FORTHCOMING TITLES SUMMER 2017 NEW EVERGREENS 27TH JULY 2017 A TALE OF TWO CITIES

EVERGREENS FORTHCOMING TITLES SUMMER 2017 NEW EVERGREENS 27TH JULY 2017 A TALE OF TWO CITIES BY CHARLES DICKENS A brand-new edition of one of Dickenss best-loved works Follows the success of Great Expectations , Hard Times , Oliver Twist

526 views • 21 slides
Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10

Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10

Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017 Rank Name 1 Injection 2 Broken Authentication 3 Sensitive Data Exposure 4 XML External Entities 5 Broken Access

209 views • 6 slides
Monthly Meeting July 26, 2017 Central Maryland Chapter Sponsors: Bay Dynamics, Clearswift,

Monthly Meeting July 26, 2017 Central Maryland Chapter Sponsors: Bay Dynamics, Clearswift,

Monthly Meeting July 26, 2017 Central Maryland Chapter Sponsors: Bay Dynamics, Clearswift, LogRhythm, Logical Operations Parsons Cyber, Phoenix TS, Red Owl Analytics, Tenable Network Security, Vencore Agenda / Announcements Welcome to

188 views • 14 slides
Welcome to this first in a series of four presentations in preparation for our 27th general

Welcome to this first in a series of four presentations in preparation for our 27th general

Welcome to this first in a series of four presentations in preparation for our 27th general chapter in July 2013. The purpose of these presentations is to engage the members of our congregation in a continuing dialogue regarding the living out of

402 views • 15 slides
Driving OWASP ZAP with Selenium About Me Mark Torrens - Recently moved into Cyber Security -

Driving OWASP ZAP with Selenium About Me Mark Torrens - Recently moved into Cyber Security -

Driving OWASP ZAP with Selenium About Me Mark Torrens - Recently moved into Cyber Security - Based in London - Completjng MSc Cyber Security @ University of York - Security Architect for Kainos Mateusz Kalinowski - Java research OWASP

789 views • 23 slides
Anonymity Networks Laslo Hunhold Mathematisches Institut Universitt zu Kln 27th July 2017

Anonymity Networks Laslo Hunhold Mathematisches Institut Universitt zu Kln 27th July 2017

Anonymity Networks Laslo Hunhold Mathematisches Institut Universitt zu Kln 27th July 2017 In the lecture Information Theory and Statistical Physics by Prof. Dr. Johannes Berg motivation motivation hide initiator of a message in a

1.58k views • 68 slides
Quarter 2 PTO Meeting PTO Meetings for the 2017-18 Year: September 25th @ 6:00 November 27th @

Quarter 2 PTO Meeting PTO Meetings for the 2017-18 Year: September 25th @ 6:00 November 27th @

Quarter 2 PTO Meeting PTO Meetings for the 2017-18 Year: September 25th @ 6:00 November 27th @ 6:00 February 5th @ 6:00 April 23rd @ 6:00 Who are the parent leaders at Hickory Grove? PTO Board Members: President=April Williams Vice

474 views • 9 slides

More recommend