OWASP - User contributions [en]

Helsinki

2013-06-07T12:57:02Z

Msaario: /* OWASP EUTour2013: June 17th 2013 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:petteri.arola@owasp.org Petteri Arola]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

==== Local News ====

<paypal>Helsinki</paypal>

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

==== Suomalaista sovellusturva-asiaa ====

[[Oppilaitoksille|Tietoa oppilaitoksille (Information for academic institutions)]]

[[Verkkomaksut|Ohjeita turvallisen verkkomaksuintegraation toteuttamiseen]]

==== Chapter Meetings ====

Currently OWASP Helsinki is working on the following tasks:

*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP EUTour2013: June 17th 2013 ==

'''Location: HTC Keilaniemi, Keilaranta 15'''

'''Time: 16:00-19:00'''

'''Agenda'''

'''16:00 Registration & coffee'''

'''16:15 Welcome /Petteri Arola, OWASP'''

'''16:30 Word from our sponsor'''

'''16:45 Nokia responsible disclosure program'''

Nokia has launched a responsible disclosure program recently. In this presentation we'll go through experiences starting and running such a program as a part of enterprise application security program.

'''17:30 Social engineering /Gavin Ewan"'''

'''19:00 Rounding up and discussion continues over food & drinks at same location'''

Please register at [http://www.regonline.com/owaspeutourfinland Regonline]

== OWASP Helsinki Chapter Meeting #21: April 24 2013 ==

'''Location: KPMG, Yrjönkatu 23 B, 6. floor'''

'''Time: 18:00-20:00'''

'''Agenda'''

'''18:00 Opening words /OWASP'''

'''18:10 Word from our sponso /Mika Laaksonen, KPMG'''

'''18:15 OWASP project news /Petteri Arola, OWASP'''

Newsflash of new and rebooted OWASP projects.

'''18:45 Utilizing VAHTI software development guide (VAHTI-sovelluskehitysohje) /Antti Alestalo, KPMG'''

VAHTI software development guide was published January 2013. Antti will talk about how to best utilize this new guide. Link to the guide: http://www.vm.fi/vm/fi/04_julkaisut_ja_asiakirjat/01_julkaisut/05_valtionhallinnon_tietoturvallisuus/20130207Sovell/VAHTI_1_Sovelluskehityksen_tietoturvaohje_NETTI.pdf

'''19:15 Database self-defence /Mika Aronen, KPMG (in place of "HTML5 & security /SC5"'''

'''20:00 Official program ends and discussion continues over food & drinks at same location'''

Please register at [https://www.eventbrite.com/event/6240751255 Eventbrite]

== OWASP Helsinki Chapter Meeting #20: December 4 2012 ==

'''Location: Nokia House, Keilalahdentie 4, Espoo'''

'''Time: 17:00-20:00'''

'''Agenda'''

'''17:00 Socializing time @ Nokia Lounge – Meet people & get to know your peer while having the opportunity to see Nokia product demos'''

'''18:00 Opening words /OWASP + HelsinkiJS'''

'''18:10 Word from our sponsor'''

'''18:20 Securing JavaScript based web apps /Erlend Oftedal'''

Single page web applications move much of the application logic to the client side. We now also see applications using JavaScript on the server side. How do we handle such applications from a security perspective? What problems are introduced and how do we handle them?

'''19:05 RESTful Security'''

Many applications rely on web services and ws-security for integration. But for more lightweight services with simpler protocols, REST is quickly gaining popularity. How do we secure REST services? What problems do we need to be aware of?

'''20:00 Official program ends and free debate continues at nearby location'''

CLOSED: Please register at [http://www.eventbrite.com/event/4856878053 Eventbrite]

Please use the NORTH entrance when entering the Nokia campus

== OWASP Helsinki Chapter Meeting #19: October 16 2012 ==

'''Location: Fujitsu, Valimotie 16, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda'''

'''18:00 Opening words /Petteri Arola, chapter leader'''

'''18:10 Word from our sponsor /Fujitsu'''

'''18:25 Hybrid mobile application security and HTML5 with a focus on getUserMedia /Mikko Saario, Nokia'''

Both the mobile scene via “hybrid” apps and the so-called traditional web are evolving into the same direction – are the threats doing the same? Using mainly Windows Phone 7 (and some Qt) examples and demos, Mikko will take a look at the security aspects in mobile hybrid apps. The HTML5 demo will concentrate on some newly mainstreamed technologies such as getUserMedia.

'''19:10 Introduction to Oauth 2.0 + demo /Teemu Kääriäinen, Nixu'''

Teemu gives an introduction about Oauth 2.0 and takes a closer look at security aspects, implementation guidelines and compares Twitter, Facebook and Google implementations.

'''20:00 Official program ends and free debate continues at nearby location'''

'''Please register in Eventbrite http://www.eventbrite.com/event/4462882602'''

== OWASP Helsinki Chapter Meeting #18: June 26 2012 ==

'''Location: Kela, Nordenskjölkinkatu 12, Helsinki'''

'''Time: 17:30-20:00'''

'''Agenda'''

'''17:30 Opening words /Petteri Arola, chapter leader'''

'''17:45 Word from our sponsor /Kela'''

'''18:00 Helsinki Ruby Brigade intro'''

'''18:15 Ruby on Rails security - why could it fail'''

'''19:00 Panel discussion'''

'''19:45 Wrap-up'''

'''20:00 Discussion continues in a nearby pub Hadanka'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Helsinki Chapter Meeting #17: March 21 2012 ==

'''Location: Marttakeskus, Malminrinne 1 B, 7. krs, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda'''

'''17:30 Coffee'''

'''17:40 Opening words /Petteri Arola, chapter leader'''

'''17:50 Web Application Access Control Design Excellence / Jim Manico, OWASP'''

Download the presentation from our file page: [[image:Developer_Top_Ten_Core_Controls_v4.1.pdf]]

'''19:30 Meeting ends and discussion continues over buffet and refreshments and there's a possibility to bath in sauna too'''

'''23:00 Event ends'''

'''Please register with enroll(at)nixu.com'''

== Tietoturvapäivä Turku: February 7 2012 ==

''' Sovellusturvallisuus / Petteri Arola, OWASP'''

Download the presentation from our file page: [[image:OWASP_esitys_tietoturvapäivä_Turku_20120207.pdf]]

== OWASP Helsinki Chapter Meeting #16: October 18 2011 ==

'''Location: Hall TU2, Tuas house, Otaniementie 17, 02150, Espoo'''

'''Time: 17:00-19:30'''

'''Agenda'''

'''17:00 Coffee and lock picking'''

'''17:30 OWASP - What is it?'''

'''17:45 Introduction to OWASP projects - OWASP Top Ten, ASVS - Testing guide - How OWASP relates to academic world'''

 Download presentation from our file-page: [[Image:OWASP_presentation_for_Aalto.pdf]] 

'''18:45 Break'''

'''19:00 Hacking demonstrations'''

'''19:30 - Discussion continues in a nearby public house'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Introduction to Turku AMK students: September 12th 2011 ==

'''Introduction to Application security and OWASP / Petteri Arola, OWASP'''

'''OWASP top 10 and hacking demos / Pekka Sillanpää, OWASP'''

== OWASP Helsinki Chapter Meeting #15: June 15 2011 ==

'''Location: Itämerenkatu 11 - 13, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda '''

'''17:30 Welcome, Petteri Arola, Chapter Leader'''

'''17:35 Word from our sponsor Nokia'''

'''17:45 HTML5 Security, Ville Säävuori, Syneus'''

'''18:30 Break'''

'''18:40 Mobile Application Security, Ari Kesäniemi and Juhani Mäkelä, Nixu''' [[Image:Mobile-threat-analysis-short-presentation owasp.pdf]] [[Image:Why-privacy-matters.pdf]] 

 '''19.30 - Discussion continues in a nearby public house or terrace if it's sunny'''

'''Please register with mikko.saario(at)nokia.com'''

== OWASP Helsinki Chapter Meeting #14: February 22 2011 ==

'''Location: Nixu Oy, Keilaranta 15, Espoo'''

'''Time: 17:30-19:30'''

'''Agenda''' 

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nixu Oy'''

'''17:45 OpenSAMM, Pravir Chandra /Fortify'''

'''18:30 Break'''

'''18:40 Threat modeling, Pravir Chandra /Fortify'''

 '''19.30 - Sauna and refreshments from our sponsor'''

'''Please register with enroll(at)nixu.com'''

 Download OpenSAMM presentation from opensamm.org [http://www.opensamm.org/downloads/resources/OpenSAMM-1.0.ppt] 

== OWASP Helsinki Chapter Meeting #13: June 8 2010 ==

'''Location: KPMG, Forum, Yrjönkatu 23 B 6th floor, Helsinki'''

'''Time: 17:00-19:30'''

'''Agenda''' 

'''17:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:05 Word from our sponsor KPMG '''

'''17:15 Agile secure software development, Antti Vähä-Sipilä / Nokia Oyj''' http://www.owasp.org/images/c/c6/OWASP_AppSec_Research_2010_Agile_Prod_Sec_Mgmt_by_Vaha-Sipila.pdf

'''18:00 ASVS (OWASP Application Security Verification Standard), Pekka Sillanpää / Nixu Oy'''

'''18:45 ESAPI (OWASP Enterprise Security API) demo, Anssi Porttikivi / KPMG'''

Download presentation from our file-page:[[Image:ESAPI for OWASP.pdf]]

 '''19.30 - Discussion continues at some nearby establishment'''

'''Please register with anssi.porttikivi(at)kpmg.fi'''

 

== OWASP Goes! Locksport: April 20 2010 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 17:30-20:30'''

'''Agenda'''

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nsense Oy'''

'''17:45 Introduction to Locksport (presentation in Finnish)'''

'''19:00 - Sauna and refreshments from our sponsor'''

'''Please register with ilmoittautumiset##nsense.fi '''

 

== OWASP Helsinki Chapter Meeting #12: March 30 2010 ==

'''Location: Helsingin Energia, Sähkötalo, Runeberginkatu 1, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda''' 

'''18:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

Download presentation from our file-page:[[Image:OWASP -12 Helsinki chapter meeting.pdf]]

'''18:05 Word from our sponsor Helsingin Energia '''

'''18:15 3 different views on information security and social media applications'''

- information security in social media API’s, Antti Nuopponen/Nixu Oy

Download presentation from our file-page:[[Image:Security of social media apis v1.pdf]]

- Facebook apps, Markus Törnqvist/Fad Consulting

Download presentation from our file-page:[[Image:Mjt owasp 2010.pdf]]

- Payment API’s, Tuomas Toivonen/Scred

Download presentation from our file-page:[[Image:Owasp-payment-apis.pdf]]

'''20.00 - Discussion continues at nearby establishment Bruuveri'''

'''Please register with antti##owasp.org'''

 

== OWASP Helsinki Chapter Meeting #11: November 17 2009 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 18:00-20:30'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:05 Word from our sponsor Nsense Oy'''

'''18:15 Manual vs. Automated Code Analysis, Ari Kesäniemi, Senior Consultant, Nixu'''

Download presentation from our file-page:[[Image:Ari kesaniemi nixu manual-vs-automatic-analysis.pdf]]

'''19.00- Sauna and refreshments from our sponsor'''

 

'''Please register with ilmoittautumiset##nsense.fi'''

== OWASP Helsinki Chapter Meeting #10: October 20 2009 ==

'''Location: Tieto Oy, Ratamestarinkatu 7B, Helsinki'''

'''Time: 18:00-19:40'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:00 Word from our sponsor Tieto Oy'''

'''18:10 Distributed Services Security, Anton Panhelainen, Tieto Oy'''

Download presentation from our file-page:[[Image:Security in integration and ESB-OWASP 20091020.pdf]]

'''18:40 Public Web Services Interface and Security, Pyry Heikkinen, Finnish Customs'''

'''19:40 Closure and move to Vltava'''

'''20:00 or so'''

*Enjoy Helsinki Vltava watering hole at own risk & cost near Helsinki Railway station

'''Please register with Pauli Kauppila pauli.kauppila##tieto.com or Mobile +358 400 870 324'''

== OWASP Helsinki Chapter Meeting #9: May 12 2009 ==

'''Location: Louhi Networks Oy, Itälahdenkatu 22 A, Helsinki'''

'''Time: 17:30-19:00'''

'''Schedule''' 

'''17:30 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:45 Word from our sponsor Louhi Networks'''

'''18:00 Panel discussion about application scanners'''

*Panel members includes representatives for Nixu Oy, KPMG Oy and Louhi Networks Oy

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Bar 52 near meeting location

'''Please register with Henri Lindberg henri.lindberg##louhi.fi'''

== OWASP OWASP Goes! Viestimuseo: March 29 2009 ==

'''Location: Varuskunta, Takakasarmi, Viestimuseontie rak. 64, 11311 Riihimäki '''

'''Time: 13:00-15:00'''

Viestimuseossa Riihimäellä, http://www.viestikiltojenliitto.fi/viestimuseo/ on maaliskuun loppuun WWII radiotiedustelua esittelevä erikoisnäyttely, josta voi löytyä ammennettavaa myös tämän päivän tietoturvatekniikoiden parissa työskenteleville. Koska OWASP:in tiimoilta löytyi kiinnostusta lähteä tutustumaan ko. näyttelyyn, museolle on varattu opastettu kierros maaliskuun viimeiselle sunnuntaille su 29.3.2009 klo 13:00 eli kokoontuminen museolla ko. aikaan.

Museo ja näyttely ovat auki myös muina aikoina, joten jos tämä aika ei käy, paikalla voi toki käydä muulloinkin.

Tarkemmat ajo-ohjeet ja yhteystiedot löytyvät museon kotisivuilta, http://www.viestikiltojenliitto.fi/viestimuseo/yhteystiedot.html

Museo sijaitsee Viestirykmentin vieressä, mutta varsinaisen varuskunta-alueen ulkopuolella, joten museokäynti ei vaadi kulkulupia alueelle.

Paikalle innostuvat hoitavat oman logistiikkaratkaisunsa & sisäänpääsymaksunsa.

Lisätietoja tarvittaessa timo.merilainen (ät) iki.fi

 

== OWASP Helsinki Chapter Meeting #8: March 12 2009 ==

'''Location: Samlink, Linnoitustie 9, Espoo (Leppävaara)'''

'''Time: 17:00-19:00'''

'''Schedule''' 

'''17:00 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:15 Introduction to Samlink, Jari Pirhonen, security director, Samlink'''

'''17:30 Methodology owner’s point of view: Information security as part of software development methodology, Topi Mattila, methodology manager, Samlink'''

'''18:15 Presentation from Finnish Tax Administration", Petri Puhakainen, security director, Finnish Tax Administration'''

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Sello

'''Please register with Jari Pirhonen jari.pirhonen##samlink.fi'''

== OWASP Introduction to startup firms: Thursday January 15th 2009 ==

'''Location: Ravintola Korjaamo, Töölönkatu 51, 00250 Helsinki'''

'''Time: 18:00-20:00'''

'''Schedule''' 

'''18:00 Introduction to OWASP by Henri Lindberg, OWASP Helsinki Active Visitor'''

*What OWASP is
*Examples of useful Tools and Documents
*OWASP in Finland

Presentation: [[Image:OWASP Startups 20090115 Henri.pdf]]

(Antti Laulajainen, OWASP Helsinki Chapter Leader was originally supposed to introduce OWASP)

'''18:15 Implementing application security in a Finnish startup by Henri Lindberg, Scred'''

*Henri Lindberg from Scred shares experiences and lessons learned
*How to make your web application more secure with minimal budget

Presentation: [[Image:SDG Scred 090115.pdf]]

'''18:30 or so'''

*Enjoy local establishments at own risk & cost

== OWASP Helsinki Meeting #7: Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

 

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Antti Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

*Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

'''PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

 '''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

 '''Time: 16.00 - 20.00'''

 '''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

 '''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

 '''16.30 Vulnerability coordination. Juhani Eronen'''

*CERT-FI as a vulnerability coordinator
*Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''

*If someone fancies a (self-financed) beer

 '''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here'''https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf'''

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

 '''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

 

Welcome to spring meeting 2008.

 '''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

 Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

 Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==

'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.''' '''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only

*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa

 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==

OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors. A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter. '''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only) 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish): http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

 We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''

*Commentary on how to build secure software
*Thoughts on the industry

 '''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

'''Date: June 5th'''

 '''Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.'''

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

 '''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

 '''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:

*XML Security Gateways
*Message level threats and security countermeasures in Web services
*OWASP XML Security Gateway Evaluation Criteria Project

 '''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

 '''20:45 Enter Bar 52...''' --> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

 '''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

 '''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

 '''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

 Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

 '''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

 '''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

 '''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

==== Helsinki OWASP Chapter Leaders ====

The chapter leader is [mailto:Petteri.arola@owasp.org Petteri Arola]

The chapter board members are [mailto:antti.laulajainen@owasp.org Antti Laulajainen], [mailto:timo@owasp.org Timo Merilainen], [mailto:mikko.saario@owasp.org Mikko Saario], and [mailto:pekka.sillanpaa@owasp.org Pekka Sillanpaa]. The Deputy members are [mailto:henri.lindberg@owasp.org Henri Lindberg] and [mailto:anssi.porttikivi@owasp.org Anssi Porttikivi] __NOTOC__ <headertabs />

[[Category:Finland]] [[Category:Europe]]

Helsinki

2012-12-03T07:55:42Z

Msaario: /* OWASP Helsinki Chapter Meeting #20: December 4 2012 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:petteri.arola@owasp.org Petteri Arola]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

==== Local News ====

<paypal>Helsinki</paypal>

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

==== Suomalaista sovellusturva-asiaa ====

[[Oppilaitoksille|Tietoa oppilaitoksille (Information for academic institutions)]]

[[Verkkomaksut|Ohjeita turvallisen verkkomaksuintegraation toteuttamiseen]]

==== Chapter Meetings ====

Currently OWASP Helsinki is working on the following tasks:

*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Chapter Meeting #20: December 4 2012 ==

'''Location: Nokia House, Keilalahdentie 4, Espoo'''

'''Time: 17:00-20:00'''

'''Agenda'''

'''17:00 Socializing time @ Nokia Lounge – Meet people & get to know your peer while having the opportunity to see Nokia product demos'''

'''18:00 Opening words /OWASP + HelsinkiJS'''

'''18:10 Word from our sponsor'''

'''18:20 Securing JavaScript based web apps /Erlend Oftedal'''

Single page web applications move much of the application logic to the client side. We now also see applications using JavaScript on the server side. How do we handle such applications from a security perspective? What problems are introduced and how do we handle them?

'''19:05 RESTful Security'''

Many applications rely on web services and ws-security for integration. But for more lightweight services with simpler protocols, REST is quickly gaining popularity. How do we secure REST services? What problems do we need to be aware of?

'''20:00 Official program ends and free debate continues at nearby location'''

CLOSED: Please register at [http://www.eventbrite.com/event/4856878053 Eventbrite]

Please use the NORTH entrance when entering the Nokia campus

== OWASP Helsinki Chapter Meeting #19: October 16 2012 ==

'''Location: Fujitsu, Valimotie 16, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda'''

'''18:00 Opening words /Petteri Arola, chapter leader'''

'''18:10 Word from our sponsor /Fujitsu'''

'''18:25 Hybrid mobile application security and HTML5 with a focus on getUserMedia /Mikko Saario, Nokia'''

Both the mobile scene via “hybrid” apps and the so-called traditional web are evolving into the same direction – are the threats doing the same? Using mainly Windows Phone 7 (and some Qt) examples and demos, Mikko will take a look at the security aspects in mobile hybrid apps. The HTML5 demo will concentrate on some newly mainstreamed technologies such as getUserMedia.

'''19:10 Introduction to Oauth 2.0 + demo /Teemu Kääriäinen, Nixu'''

Teemu gives an introduction about Oauth 2.0 and takes a closer look at security aspects, implementation guidelines and compares Twitter, Facebook and Google implementations.

'''20:00 Official program ends and free debate continues at nearby location'''

'''Please register in Eventbrite http://www.eventbrite.com/event/4462882602'''

== OWASP Helsinki Chapter Meeting #18: June 26 2012 ==

'''Location: Kela, Nordenskjölkinkatu 12, Helsinki'''

'''Time: 17:30-20:00'''

'''Agenda'''

'''17:30 Opening words /Petteri Arola, chapter leader'''

'''17:45 Word from our sponsor /Kela'''

'''18:00 Helsinki Ruby Brigade intro'''

'''18:15 Ruby on Rails security - why could it fail'''

'''19:00 Panel discussion'''

'''19:45 Wrap-up'''

'''20:00 Discussion continues in a nearby pub Hadanka'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Helsinki Chapter Meeting #17: March 21 2012 ==

'''Location: Marttakeskus, Malminrinne 1 B, 7. krs, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda'''

'''17:30 Coffee'''

'''17:40 Opening words /Petteri Arola, chapter leader'''

'''17:50 Web Application Access Control Design Excellence / Jim Manico, OWASP'''

Download the presentation from our file page: [[image:Developer_Top_Ten_Core_Controls_v4.1.pdf]]

'''19:30 Meeting ends and discussion continues over buffet and refreshments and there's a possibility to bath in sauna too'''

'''23:00 Event ends'''

'''Please register with enroll(at)nixu.com'''

== Tietoturvapäivä Turku: February 7 2012 ==

''' Sovellusturvallisuus / Petteri Arola, OWASP'''

Download the presentation from our file page: [[image:OWASP_esitys_tietoturvapäivä_Turku_20120207.pdf]]

== OWASP Helsinki Chapter Meeting #16: October 18 2011 ==

'''Location: Hall TU2, Tuas house, Otaniementie 17, 02150, Espoo'''

'''Time: 17:00-19:30'''

'''Agenda'''

'''17:00 Coffee and lock picking'''

'''17:30 OWASP - What is it?'''

'''17:45 Introduction to OWASP projects - OWASP Top Ten, ASVS - Testing guide - How OWASP relates to academic world'''

 Download presentation from our file-page: [[Image:OWASP_presentation_for_Aalto.pdf]] 

'''18:45 Break'''

'''19:00 Hacking demonstrations'''

'''19:30 - Discussion continues in a nearby public house'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Introduction to Turku AMK students: September 12th 2011 ==

'''Introduction to Application security and OWASP / Petteri Arola, OWASP'''

'''OWASP top 10 and hacking demos / Pekka Sillanpää, OWASP'''

== OWASP Helsinki Chapter Meeting #15: June 15 2011 ==

'''Location: Itämerenkatu 11 - 13, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda '''

'''17:30 Welcome, Petteri Arola, Chapter Leader'''

'''17:35 Word from our sponsor Nokia'''

'''17:45 HTML5 Security, Ville Säävuori, Syneus'''

'''18:30 Break'''

'''18:40 Mobile Application Security, Ari Kesäniemi and Juhani Mäkelä, Nixu''' [[Image:Mobile-threat-analysis-short-presentation owasp.pdf]] [[Image:Why-privacy-matters.pdf]] 

 '''19.30 - Discussion continues in a nearby public house or terrace if it's sunny'''

'''Please register with mikko.saario(at)nokia.com'''

== OWASP Helsinki Chapter Meeting #14: February 22 2011 ==

'''Location: Nixu Oy, Keilaranta 15, Espoo'''

'''Time: 17:30-19:30'''

'''Agenda''' 

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nixu Oy'''

'''17:45 OpenSAMM, Pravir Chandra /Fortify'''

'''18:30 Break'''

'''18:40 Threat modeling, Pravir Chandra /Fortify'''

 '''19.30 - Sauna and refreshments from our sponsor'''

'''Please register with enroll(at)nixu.com'''

 Download OpenSAMM presentation from opensamm.org [http://www.opensamm.org/downloads/resources/OpenSAMM-1.0.ppt] 

== OWASP Helsinki Chapter Meeting #13: June 8 2010 ==

'''Location: KPMG, Forum, Yrjönkatu 23 B 6th floor, Helsinki'''

'''Time: 17:00-19:30'''

'''Agenda''' 

'''17:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:05 Word from our sponsor KPMG '''

'''17:15 Agile secure software development, Antti Vähä-Sipilä / Nokia Oyj''' http://www.owasp.org/images/c/c6/OWASP_AppSec_Research_2010_Agile_Prod_Sec_Mgmt_by_Vaha-Sipila.pdf

'''18:00 ASVS (OWASP Application Security Verification Standard), Pekka Sillanpää / Nixu Oy'''

'''18:45 ESAPI (OWASP Enterprise Security API) demo, Anssi Porttikivi / KPMG'''

Download presentation from our file-page:[[Image:ESAPI for OWASP.pdf]]

 '''19.30 - Discussion continues at some nearby establishment'''

'''Please register with anssi.porttikivi(at)kpmg.fi'''

 

== OWASP Goes! Locksport: April 20 2010 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 17:30-20:30'''

'''Agenda'''

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nsense Oy'''

'''17:45 Introduction to Locksport (presentation in Finnish)'''

'''19:00 - Sauna and refreshments from our sponsor'''

'''Please register with ilmoittautumiset##nsense.fi '''

 

== OWASP Helsinki Chapter Meeting #12: March 30 2010 ==

'''Location: Helsingin Energia, Sähkötalo, Runeberginkatu 1, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda''' 

'''18:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

Download presentation from our file-page:[[Image:OWASP -12 Helsinki chapter meeting.pdf]]

'''18:05 Word from our sponsor Helsingin Energia '''

'''18:15 3 different views on information security and social media applications'''

- information security in social media API’s, Antti Nuopponen/Nixu Oy

Download presentation from our file-page:[[Image:Security of social media apis v1.pdf]]

- Facebook apps, Markus Törnqvist/Fad Consulting

Download presentation from our file-page:[[Image:Mjt owasp 2010.pdf]]

- Payment API’s, Tuomas Toivonen/Scred

Download presentation from our file-page:[[Image:Owasp-payment-apis.pdf]]

'''20.00 - Discussion continues at nearby establishment Bruuveri'''

'''Please register with antti##owasp.org'''

 

== OWASP Helsinki Chapter Meeting #11: November 17 2009 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 18:00-20:30'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:05 Word from our sponsor Nsense Oy'''

'''18:15 Manual vs. Automated Code Analysis, Ari Kesäniemi, Senior Consultant, Nixu'''

Download presentation from our file-page:[[Image:Ari kesaniemi nixu manual-vs-automatic-analysis.pdf]]

'''19.00- Sauna and refreshments from our sponsor'''

 

'''Please register with ilmoittautumiset##nsense.fi'''

== OWASP Helsinki Chapter Meeting #10: October 20 2009 ==

'''Location: Tieto Oy, Ratamestarinkatu 7B, Helsinki'''

'''Time: 18:00-19:40'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:00 Word from our sponsor Tieto Oy'''

'''18:10 Distributed Services Security, Anton Panhelainen, Tieto Oy'''

Download presentation from our file-page:[[Image:Security in integration and ESB-OWASP 20091020.pdf]]

'''18:40 Public Web Services Interface and Security, Pyry Heikkinen, Finnish Customs'''

'''19:40 Closure and move to Vltava'''

'''20:00 or so'''

*Enjoy Helsinki Vltava watering hole at own risk & cost near Helsinki Railway station

'''Please register with Pauli Kauppila pauli.kauppila##tieto.com or Mobile +358 400 870 324'''

== OWASP Helsinki Chapter Meeting #9: May 12 2009 ==

'''Location: Louhi Networks Oy, Itälahdenkatu 22 A, Helsinki'''

'''Time: 17:30-19:00'''

'''Schedule''' 

'''17:30 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:45 Word from our sponsor Louhi Networks'''

'''18:00 Panel discussion about application scanners'''

*Panel members includes representatives for Nixu Oy, KPMG Oy and Louhi Networks Oy

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Bar 52 near meeting location

'''Please register with Henri Lindberg henri.lindberg##louhi.fi'''

== OWASP OWASP Goes! Viestimuseo: March 29 2009 ==

'''Location: Varuskunta, Takakasarmi, Viestimuseontie rak. 64, 11311 Riihimäki '''

'''Time: 13:00-15:00'''

Viestimuseossa Riihimäellä, http://www.viestikiltojenliitto.fi/viestimuseo/ on maaliskuun loppuun WWII radiotiedustelua esittelevä erikoisnäyttely, josta voi löytyä ammennettavaa myös tämän päivän tietoturvatekniikoiden parissa työskenteleville. Koska OWASP:in tiimoilta löytyi kiinnostusta lähteä tutustumaan ko. näyttelyyn, museolle on varattu opastettu kierros maaliskuun viimeiselle sunnuntaille su 29.3.2009 klo 13:00 eli kokoontuminen museolla ko. aikaan.

Museo ja näyttely ovat auki myös muina aikoina, joten jos tämä aika ei käy, paikalla voi toki käydä muulloinkin.

Tarkemmat ajo-ohjeet ja yhteystiedot löytyvät museon kotisivuilta, http://www.viestikiltojenliitto.fi/viestimuseo/yhteystiedot.html

Museo sijaitsee Viestirykmentin vieressä, mutta varsinaisen varuskunta-alueen ulkopuolella, joten museokäynti ei vaadi kulkulupia alueelle.

Paikalle innostuvat hoitavat oman logistiikkaratkaisunsa & sisäänpääsymaksunsa.

Lisätietoja tarvittaessa timo.merilainen (ät) iki.fi

 

== OWASP Helsinki Chapter Meeting #8: March 12 2009 ==

'''Location: Samlink, Linnoitustie 9, Espoo (Leppävaara)'''

'''Time: 17:00-19:00'''

'''Schedule''' 

'''17:00 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:15 Introduction to Samlink, Jari Pirhonen, security director, Samlink'''

'''17:30 Methodology owner’s point of view: Information security as part of software development methodology, Topi Mattila, methodology manager, Samlink'''

'''18:15 Presentation from Finnish Tax Administration", Petri Puhakainen, security director, Finnish Tax Administration'''

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Sello

'''Please register with Jari Pirhonen jari.pirhonen##samlink.fi'''

== OWASP Introduction to startup firms: Thursday January 15th 2009 ==

'''Location: Ravintola Korjaamo, Töölönkatu 51, 00250 Helsinki'''

'''Time: 18:00-20:00'''

'''Schedule''' 

'''18:00 Introduction to OWASP by Henri Lindberg, OWASP Helsinki Active Visitor'''

*What OWASP is
*Examples of useful Tools and Documents
*OWASP in Finland

Presentation: [[Image:OWASP Startups 20090115 Henri.pdf]]

(Antti Laulajainen, OWASP Helsinki Chapter Leader was originally supposed to introduce OWASP)

'''18:15 Implementing application security in a Finnish startup by Henri Lindberg, Scred'''

*Henri Lindberg from Scred shares experiences and lessons learned
*How to make your web application more secure with minimal budget

Presentation: [[Image:SDG Scred 090115.pdf]]

'''18:30 or so'''

*Enjoy local establishments at own risk & cost

== OWASP Helsinki Meeting #7: Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

 

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Antti Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

*Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

'''PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

 '''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

 '''Time: 16.00 - 20.00'''

 '''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

 '''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

 '''16.30 Vulnerability coordination. Juhani Eronen'''

*CERT-FI as a vulnerability coordinator
*Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''

*If someone fancies a (self-financed) beer

 '''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here'''https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf'''

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

 '''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

 

Welcome to spring meeting 2008.

 '''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

 Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

 Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==

'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.''' '''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only

*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa

 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==

OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors. A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter. '''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only) 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish): http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

 We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''

*Commentary on how to build secure software
*Thoughts on the industry

 '''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

'''Date: June 5th'''

 '''Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.'''

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

 '''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

 '''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:

*XML Security Gateways
*Message level threats and security countermeasures in Web services
*OWASP XML Security Gateway Evaluation Criteria Project

 '''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

 '''20:45 Enter Bar 52...''' --> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

 '''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

 '''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

 '''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

 Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

 '''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

 '''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

 '''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

==== Helsinki OWASP Chapter Leaders ====

The chapter leader is [mailto:Petteri.arola@owasp.org Petteri Arola]

The chapter board members are [mailto:antti.laulajainen@owasp.org Antti Laulajainen], [mailto:timo@owasp.org Timo Merilainen], [mailto:mikko.saario@owasp.org Mikko Saario], and [mailto:pekka.sillanpaa@owasp.org Pekka Sillanpaa]. The Deputy members are [mailto:henri.lindberg@owasp.org Henri Lindberg] and [mailto:anssi.porttikivi@owasp.org Anssi Porttikivi] __NOTOC__ <headertabs />

[[Category:Finland]] [[Category:Europe]]

Helsinki

2012-11-19T11:31:51Z

Msaario: /* OWASP Helsinki Chapter Meeting #20: December 4 2012 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:petteri.arola@owasp.org Petteri Arola]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

==== Local News ====

<paypal>Helsinki</paypal>

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

==== Suomalaista sovellusturva-asiaa ====

[[Oppilaitoksille|Tietoa oppilaitoksille (Information for academic institutions)]]

[[Verkkomaksut|Ohjeita turvallisen verkkomaksuintegraation toteuttamiseen]]

==== Chapter Meetings ====

Currently OWASP Helsinki is working on the following tasks:

*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Chapter Meeting #20: December 4 2012 ==

'''Location: Nokia House, Keilalahdentie 4, Espoo'''

'''Time: 18:00-20:00'''

'''Agenda'''

'''18:00 Opening words /OWASP + HelsinkiJS'''

'''18:10 Word from our sponsor'''

'''18:20 Securing JavaScript based web apps /Erlend Oftedal'''

Single page web applications move much of the application logic to the client side. We now also see applications using JavaScript on the server side. How do we handle such applications from a security perspective? What problems are introduced and how do we handle them?

'''19:05 RESTful Security'''

Many applications rely on web services and ws-security for integration. But for more lightweight services with simpler protocols, REST is quickly gaining popularity. How do we secure REST services? What problems do we need to be aware of?

'''20:00 Official program ends and free debate continues at nearby location'''

Please register at [http://www.eventbrite.com/event/4856878053 Eventbrite]

== OWASP Helsinki Chapter Meeting #19: October 16 2012 ==

'''Location: Fujitsu, Valimotie 16, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda'''

'''18:00 Opening words /Petteri Arola, chapter leader'''

'''18:10 Word from our sponsor /Fujitsu'''

'''18:25 Hybrid mobile application security and HTML5 with a focus on getUserMedia /Mikko Saario, Nokia'''

Both the mobile scene via “hybrid” apps and the so-called traditional web are evolving into the same direction – are the threats doing the same? Using mainly Windows Phone 7 (and some Qt) examples and demos, Mikko will take a look at the security aspects in mobile hybrid apps. The HTML5 demo will concentrate on some newly mainstreamed technologies such as getUserMedia.

'''19:10 Introduction to Oauth 2.0 + demo /Teemu Kääriäinen, Nixu'''

Teemu gives an introduction about Oauth 2.0 and takes a closer look at security aspects, implementation guidelines and compares Twitter, Facebook and Google implementations.

'''20:00 Official program ends and free debate continues at nearby location'''

'''Please register in Eventbrite http://www.eventbrite.com/event/4462882602'''

== OWASP Helsinki Chapter Meeting #18: June 26 2012 ==

'''Location: Kela, Nordenskjölkinkatu 12, Helsinki'''

'''Time: 17:30-20:00'''

'''Agenda'''

'''17:30 Opening words /Petteri Arola, chapter leader'''

'''17:45 Word from our sponsor /Kela'''

'''18:00 Helsinki Ruby Brigade intro'''

'''18:15 Ruby on Rails security - why could it fail'''

'''19:00 Panel discussion'''

'''19:45 Wrap-up'''

'''20:00 Discussion continues in a nearby pub Hadanka'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Helsinki Chapter Meeting #17: March 21 2012 ==

'''Location: Marttakeskus, Malminrinne 1 B, 7. krs, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda'''

'''17:30 Coffee'''

'''17:40 Opening words /Petteri Arola, chapter leader'''

'''17:50 Web Application Access Control Design Excellence / Jim Manico, OWASP'''

Download the presentation from our file page: [[image:Developer_Top_Ten_Core_Controls_v4.1.pdf]]

'''19:30 Meeting ends and discussion continues over buffet and refreshments and there's a possibility to bath in sauna too'''

'''23:00 Event ends'''

'''Please register with enroll(at)nixu.com'''

== Tietoturvapäivä Turku: February 7 2012 ==

''' Sovellusturvallisuus / Petteri Arola, OWASP'''

Download the presentation from our file page: [[image:OWASP_esitys_tietoturvapäivä_Turku_20120207.pdf]]

== OWASP Helsinki Chapter Meeting #16: October 18 2011 ==

'''Location: Hall TU2, Tuas house, Otaniementie 17, 02150, Espoo'''

'''Time: 17:00-19:30'''

'''Agenda'''

'''17:00 Coffee and lock picking'''

'''17:30 OWASP - What is it?'''

'''17:45 Introduction to OWASP projects - OWASP Top Ten, ASVS - Testing guide - How OWASP relates to academic world'''

 Download presentation from our file-page: [[Image:OWASP_presentation_for_Aalto.pdf]] 

'''18:45 Break'''

'''19:00 Hacking demonstrations'''

'''19:30 - Discussion continues in a nearby public house'''

'''Please register with petteri.arola(at)owasp.org'''

== OWASP Introduction to Turku AMK students: September 12th 2011 ==

'''Introduction to Application security and OWASP / Petteri Arola, OWASP'''

'''OWASP top 10 and hacking demos / Pekka Sillanpää, OWASP'''

== OWASP Helsinki Chapter Meeting #15: June 15 2011 ==

'''Location: Itämerenkatu 11 - 13, Helsinki'''

'''Time: 17:30-19:30'''

'''Agenda '''

'''17:30 Welcome, Petteri Arola, Chapter Leader'''

'''17:35 Word from our sponsor Nokia'''

'''17:45 HTML5 Security, Ville Säävuori, Syneus'''

'''18:30 Break'''

'''18:40 Mobile Application Security, Ari Kesäniemi and Juhani Mäkelä, Nixu''' [[Image:Mobile-threat-analysis-short-presentation owasp.pdf]] [[Image:Why-privacy-matters.pdf]] 

 '''19.30 - Discussion continues in a nearby public house or terrace if it's sunny'''

'''Please register with mikko.saario(at)nokia.com'''

== OWASP Helsinki Chapter Meeting #14: February 22 2011 ==

'''Location: Nixu Oy, Keilaranta 15, Espoo'''

'''Time: 17:30-19:30'''

'''Agenda''' 

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nixu Oy'''

'''17:45 OpenSAMM, Pravir Chandra /Fortify'''

'''18:30 Break'''

'''18:40 Threat modeling, Pravir Chandra /Fortify'''

 '''19.30 - Sauna and refreshments from our sponsor'''

'''Please register with enroll(at)nixu.com'''

 Download OpenSAMM presentation from opensamm.org [http://www.opensamm.org/downloads/resources/OpenSAMM-1.0.ppt] 

== OWASP Helsinki Chapter Meeting #13: June 8 2010 ==

'''Location: KPMG, Forum, Yrjönkatu 23 B 6th floor, Helsinki'''

'''Time: 17:00-19:30'''

'''Agenda''' 

'''17:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:05 Word from our sponsor KPMG '''

'''17:15 Agile secure software development, Antti Vähä-Sipilä / Nokia Oyj''' http://www.owasp.org/images/c/c6/OWASP_AppSec_Research_2010_Agile_Prod_Sec_Mgmt_by_Vaha-Sipila.pdf

'''18:00 ASVS (OWASP Application Security Verification Standard), Pekka Sillanpää / Nixu Oy'''

'''18:45 ESAPI (OWASP Enterprise Security API) demo, Anssi Porttikivi / KPMG'''

Download presentation from our file-page:[[Image:ESAPI for OWASP.pdf]]

 '''19.30 - Discussion continues at some nearby establishment'''

'''Please register with anssi.porttikivi(at)kpmg.fi'''

 

== OWASP Goes! Locksport: April 20 2010 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 17:30-20:30'''

'''Agenda'''

'''17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

'''17:35 Word from our sponsor Nsense Oy'''

'''17:45 Introduction to Locksport (presentation in Finnish)'''

'''19:00 - Sauna and refreshments from our sponsor'''

'''Please register with ilmoittautumiset##nsense.fi '''

 

== OWASP Helsinki Chapter Meeting #12: March 30 2010 ==

'''Location: Helsingin Energia, Sähkötalo, Runeberginkatu 1, Helsinki'''

'''Time: 18:00-20:00'''

'''Agenda''' 

'''18:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader'''

Download presentation from our file-page:[[Image:OWASP -12 Helsinki chapter meeting.pdf]]

'''18:05 Word from our sponsor Helsingin Energia '''

'''18:15 3 different views on information security and social media applications'''

- information security in social media API’s, Antti Nuopponen/Nixu Oy

Download presentation from our file-page:[[Image:Security of social media apis v1.pdf]]

- Facebook apps, Markus Törnqvist/Fad Consulting

Download presentation from our file-page:[[Image:Mjt owasp 2010.pdf]]

- Payment API’s, Tuomas Toivonen/Scred

Download presentation from our file-page:[[Image:Owasp-payment-apis.pdf]]

'''20.00 - Discussion continues at nearby establishment Bruuveri'''

'''Please register with antti##owasp.org'''

 

== OWASP Helsinki Chapter Meeting #11: November 17 2009 ==

'''Location: Nsense Oy, Ahventie 4, Espoo'''

'''Time: 18:00-20:30'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:05 Word from our sponsor Nsense Oy'''

'''18:15 Manual vs. Automated Code Analysis, Ari Kesäniemi, Senior Consultant, Nixu'''

Download presentation from our file-page:[[Image:Ari kesaniemi nixu manual-vs-automatic-analysis.pdf]]

'''19.00- Sauna and refreshments from our sponsor'''

 

'''Please register with ilmoittautumiset##nsense.fi'''

== OWASP Helsinki Chapter Meeting #10: October 20 2009 ==

'''Location: Tieto Oy, Ratamestarinkatu 7B, Helsinki'''

'''Time: 18:00-19:40'''

'''Schedule''' 

'''18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''18:00 Word from our sponsor Tieto Oy'''

'''18:10 Distributed Services Security, Anton Panhelainen, Tieto Oy'''

Download presentation from our file-page:[[Image:Security in integration and ESB-OWASP 20091020.pdf]]

'''18:40 Public Web Services Interface and Security, Pyry Heikkinen, Finnish Customs'''

'''19:40 Closure and move to Vltava'''

'''20:00 or so'''

*Enjoy Helsinki Vltava watering hole at own risk & cost near Helsinki Railway station

'''Please register with Pauli Kauppila pauli.kauppila##tieto.com or Mobile +358 400 870 324'''

== OWASP Helsinki Chapter Meeting #9: May 12 2009 ==

'''Location: Louhi Networks Oy, Itälahdenkatu 22 A, Helsinki'''

'''Time: 17:30-19:00'''

'''Schedule''' 

'''17:30 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:45 Word from our sponsor Louhi Networks'''

'''18:00 Panel discussion about application scanners'''

*Panel members includes representatives for Nixu Oy, KPMG Oy and Louhi Networks Oy

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Bar 52 near meeting location

'''Please register with Henri Lindberg henri.lindberg##louhi.fi'''

== OWASP OWASP Goes! Viestimuseo: March 29 2009 ==

'''Location: Varuskunta, Takakasarmi, Viestimuseontie rak. 64, 11311 Riihimäki '''

'''Time: 13:00-15:00'''

Viestimuseossa Riihimäellä, http://www.viestikiltojenliitto.fi/viestimuseo/ on maaliskuun loppuun WWII radiotiedustelua esittelevä erikoisnäyttely, josta voi löytyä ammennettavaa myös tämän päivän tietoturvatekniikoiden parissa työskenteleville. Koska OWASP:in tiimoilta löytyi kiinnostusta lähteä tutustumaan ko. näyttelyyn, museolle on varattu opastettu kierros maaliskuun viimeiselle sunnuntaille su 29.3.2009 klo 13:00 eli kokoontuminen museolla ko. aikaan.

Museo ja näyttely ovat auki myös muina aikoina, joten jos tämä aika ei käy, paikalla voi toki käydä muulloinkin.

Tarkemmat ajo-ohjeet ja yhteystiedot löytyvät museon kotisivuilta, http://www.viestikiltojenliitto.fi/viestimuseo/yhteystiedot.html

Museo sijaitsee Viestirykmentin vieressä, mutta varsinaisen varuskunta-alueen ulkopuolella, joten museokäynti ei vaadi kulkulupia alueelle.

Paikalle innostuvat hoitavat oman logistiikkaratkaisunsa & sisäänpääsymaksunsa.

Lisätietoja tarvittaessa timo.merilainen (ät) iki.fi

 

== OWASP Helsinki Chapter Meeting #8: March 12 2009 ==

'''Location: Samlink, Linnoitustie 9, Espoo (Leppävaara)'''

'''Time: 17:00-19:00'''

'''Schedule''' 

'''17:00 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader'''

'''17:15 Introduction to Samlink, Jari Pirhonen, security director, Samlink'''

'''17:30 Methodology owner’s point of view: Information security as part of software development methodology, Topi Mattila, methodology manager, Samlink'''

'''18:15 Presentation from Finnish Tax Administration", Petri Puhakainen, security director, Finnish Tax Administration'''

 '''19:00 or so'''

*Enjoy local establishments at own risk & cost at Sello

'''Please register with Jari Pirhonen jari.pirhonen##samlink.fi'''

== OWASP Introduction to startup firms: Thursday January 15th 2009 ==

'''Location: Ravintola Korjaamo, Töölönkatu 51, 00250 Helsinki'''

'''Time: 18:00-20:00'''

'''Schedule''' 

'''18:00 Introduction to OWASP by Henri Lindberg, OWASP Helsinki Active Visitor'''

*What OWASP is
*Examples of useful Tools and Documents
*OWASP in Finland

Presentation: [[Image:OWASP Startups 20090115 Henri.pdf]]

(Antti Laulajainen, OWASP Helsinki Chapter Leader was originally supposed to introduce OWASP)

'''18:15 Implementing application security in a Finnish startup by Henri Lindberg, Scred'''

*Henri Lindberg from Scred shares experiences and lessons learned
*How to make your web application more secure with minimal budget

Presentation: [[Image:SDG Scred 090115.pdf]]

'''18:30 or so'''

*Enjoy local establishments at own risk & cost

== OWASP Helsinki Meeting #7: Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

 

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Antti Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

*Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

'''PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

 '''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

 '''Time: 16.00 - 20.00'''

 '''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

 '''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

 '''16.30 Vulnerability coordination. Juhani Eronen'''

*CERT-FI as a vulnerability coordinator
*Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''

*If someone fancies a (self-financed) beer

 '''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here'''https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf'''

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

 '''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

 

Welcome to spring meeting 2008.

 '''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

 Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

 Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==

'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.''' '''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only

*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa

 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==

OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors. A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter. '''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only) 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish): http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

 We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''

*Commentary on how to build secure software
*Thoughts on the industry

 '''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

'''Date: June 5th'''

 '''Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.'''

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

 '''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

 '''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:

*XML Security Gateways
*Message level threats and security countermeasures in Web services
*OWASP XML Security Gateway Evaluation Criteria Project

 '''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

 '''20:45 Enter Bar 52...''' --> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

 '''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

 '''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

 '''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

 Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

 '''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

 '''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

 '''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

==== Helsinki OWASP Chapter Leaders ====

The chapter leader is [mailto:Petteri.arola@owasp.org Petteri Arola]

The chapter board members are [mailto:antti.laulajainen@owasp.org Antti Laulajainen], [mailto:timo@owasp.org Timo Merilainen], [mailto:mikko.saario@owasp.org Mikko Saario], and [mailto:pekka.sillanpaa@owasp.org Pekka Sillanpaa]. The Deputy members are [mailto:henri.lindberg@owasp.org Henri Lindberg] and [mailto:anssi.porttikivi@owasp.org Anssi Porttikivi] __NOTOC__ <headertabs />

[[Category:Finland]] [[Category:Europe]]

Summit 2011 Attendee/Attendee173

2011-02-06T14:15:05Z

Msaario:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>OWASP 2011 Global Summit Attendee Tab</noinclude>
|-
| summit_attendee_name1 = Mikko Saario
| summit_attendee_email1 = midis@ovi.com
| summit_attendee_wiki_username1 =
|-
| summit_attendee_company = Nokia
|-
| Project Leadership (less than 6 months old) =
| Project Leadership (more than 6 months old) =
| Release Leadership (less than 6 months old) =
| Release Leadership (more than 6 months old) =
| Project Contribution (less than 6 months old) =
| Project Contribution (more than 6 months old) =
| Release Contribution (less than 6 months old) =
| Release Contribution (more than 6 months old) =
| Committee Membership =
| Chapter Co-Leadership =
| Conference Co-Leadership =
| Projected Funding Cost =
|-
| summit_attendee_current_owasp_involvement_name1 =
| summit_attendee_current_owasp_involvement_url_1 =
| summit_attendee_current_owasp_involvement_name2 =
| summit_attendee_current_owasp_involvement_url_2 =
| summit_attendee_current_owasp_involvement_name3 =
| summit_attendee_current_owasp_involvement_url_3 =
| summit_attendee_current_owasp_involvement_name4 =
| summit_attendee_current_owasp_involvement_url_4 =
| summit_attendee_current_owasp_involvement_name5 =
| summit_attendee_current_owasp_involvement_url_5 =
|-
| summit_attendee_reason_for_summit_participation_name1 =
| summit_attendee_reason_for_summit_participation_url_1 =
| notes_reason_for_participating_issues_to_be_discussed_1 =
| summit_attendee_reason_for_summit_participation_name2 =
| summit_attendee_reason_for_summit_participation_url_2 =
| notes_reason_for_participating_issues_to_be_discussed_2 =
| summit_attendee_reason_for_summit_participation_name3 =
| summit_attendee_reason_for_summit_participation_url_3 =
| notes_reason_for_participating_issues_to_be_discussed_3 =
| summit_attendee_reason_for_summit_participation_name4 =
| summit_attendee_reason_for_summit_participation_url_4 =
| notes_reason_for_participating_issues_to_be_discussed_4 =
| summit_attendee_reason_for_summit_participation_name5 =
| summit_attendee_reason_for_summit_participation_url_5 =
| notes_reason_for_participating_issues_to_be_discussed_5 =
|-
| summit_attendee_owasp_sponsor =
|-
| summit_attendee_summit_time_paid_by_name1 =
| summit_attendee_summit_time_paid_by_url_1 =
| summit_attendee_summit_time_paid_by_name2 =
| summit_attendee_summit_time_paid_by_url_2 =
|-
| summit_attendee_summit_expenses_paid_by_name1 =
| summit_attendee_summit_expenses_paid_by_url_1 =
| summit_attendee_summit_expenses_paid_by_name2 =
| summit_attendee_summit_expenses_paid_by_url_2 =
|-
| reason_for_sponsorship =
|-
| status =
|-
| letter sent to sponsor =
|-
| notes for Kate =
|-
| attendee_name_mask =  Attendee173
| attendee_home_page =  Summit_2011_Attendee/Attendee173
}}

Summit 2011 Working Sessions/Session065

2011-02-06T14:02:18Z

Msaario:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Colin Watson
| summit_session_attendee_email1 =
| summit_session_attendee_username1 =
| summit_session_attendee_company1=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Tom Neaves
| summit_session_attendee_email2 = tom.neaves@verizonbusiness.com
| summit_session_attendee_username2 =
| summit_session_attendee_company2= Verizon Business
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Mateo Martinez
| summit_session_attendee_email3 = mateo.martinez@owasp.org
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Justin Clarke
| summit_session_attendee_email4 = justin.clarke@owasp.org
| summit_session_attendee_username4 =
| summit_session_attendee_company4=Gotham Digital Science
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Sherif Koussa
| summit_session_attendee_email5 = sherif.koussa@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5= Software Secured
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Vishal Garg
| summit_session_attendee_email6 = vishalgrg@gmail.com
| summit_session_attendee_username6 =
| summit_session_attendee_company6= AppSecure Labs
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Dan Cornell
| summit_session_attendee_email7 = dan@denimgroup.com
| summit_session_attendee_username7 =
| summit_session_attendee_company7=Denim Group
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Chris Eng
| summit_session_attendee_email8 = ceng@veracode.com
| summit_session_attendee_username8 =
| summit_session_attendee_company8= Veracode
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Jim Manico
| summit_session_attendee_email9 = jim@manico.net
| summit_session_attendee_username9 =
| summit_session_attendee_company9= Infrared Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = Jack Mannino
| summit_session_attendee_email10 = jack@nvisiumsecurity.com
| summit_session_attendee_username10 =
| summit_session_attendee_company10= nVisium Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 = Nishi Kumar
| summit_session_attendee_email11 = nishi.kumar@owasp.org
| summit_session_attendee_username11 =
| summit_session_attendee_company11= FIS
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 = Giorgio Fedon
| summit_session_attendee_email12 =
| summit_session_attendee_username12 = gfedon
| summit_session_attendee_company12= Minded Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 = Steve Jensen
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13= BT
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 = Neil Matatall
| summit_session_attendee_email14 = neil@owasp.org
| summit_session_attendee_username14 =
| summit_session_attendee_company14= FishNet Security
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 = Abraham Kang
| summit_session_attendee_email15 =
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 = Mikko Saario
| summit_session_attendee_email16 = midis@ovi.com
| summit_session_attendee_username16 =
| summit_session_attendee_company16= Nokia
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._individual_projects.jpg]]
| summit_ws_logo = [[Image:WS._individual_projects.jpg]]
| summit_session_name = Mobile Security
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session065
| mailing_list =

|-

| short_working_session_description= Working session to establish baseline knowledge repository for mobile security testing within OWASP

|-

| related_project_name1 = OWASP Mobile Security Project
| related_project_url_1 = http://www.owasp.org/index.php/OWASP_Mobile_Security_Project

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-
| summit_session_objective_name1 = '''Primary: Create core knowledge base on project wiki site'''
| summit_session_objective_name2 = Recruit volunteers to contribute to project
| summit_session_objective_name3 = Establish relationships with key players (i.e. Apple/Google/etc)

| summit_session_objective_name4 = Create the OWASP Mobile Top 10

| summit_session_objective_name5 =

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = Project wiki page

|summit_session_deliverable_name2 = A project home page, roadmap, and action plan. Look at the OWASP Ecosystem concept to see what all you should have in place.

|summit_session_deliverable_name3 = OWASP Mobile Top 10

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Mike Zusman
| summit_session_leader_email1 = mike.zusman@intrepidusgroup.com
| summit_session_leader_username1 = schmoilito

| summit_session_leader_name2 = David Campbell
| summit_session_leader_email2 = dcampbell@owasp.org

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =
|-

| meeting_notes =

|-

| session_name_mask =  Session065
| session_home_page =  Summit_2011_Working_Sessions/Session065
}}

Summit 2011 Working Sessions/Session042

2011-02-06T13:59:17Z

Msaario:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Martin Knobloch
| summit_session_attendee_email1 = martin.knobloch@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Nishi Kumar
| summit_session_attendee_email2 = nishi.kumar@owasp.org
| summit_session_attendee_username2 =
| summit_session_attendee_company2= FIS
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Jason Taylor
| summit_session_attendee_email3 = jtaylor@securityinnovation.com
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Carlos Serrão
| summit_session_attendee_email4 = carlos.serrao@iscte.pt
| summit_session_attendee_username4 =
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Konstantinos Papapanagiotou
| summit_session_attendee_email5 = Konstantinos@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Daniel Brzozowski
| summit_session_attendee_email6 = daniel@brzozowski.biz
| summit_session_attendee_username6 = Daniel Brzozowski
| summit_session_attendee_company6=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = L. Gustavo C. Barbato
| summit_session_attendee_email7 = lgbarbato@owasp.org
| summit_session_attendee_username7 = Gustavo Barbato
| summit_session_attendee_company7= Dell
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Keith Turpin
| summit_session_attendee_email8 = keith.turpin@owasp.org
| summit_session_attendee_username8 = Keith_Turpin
| summit_session_attendee_company8=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Ralph Durkee
| summit_session_attendee_email9 = Ralph.Durkee@owasp.org
| summit_session_attendee_username9 =
| summit_session_attendee_company9= Durkee Consulting, Inc.
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = Mikko Saario
| summit_session_attendee_email10 = midis@ovi.com
| summit_session_attendee_username10 =
| summit_session_attendee_company10= Nokia
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 =
| summit_session_attendee_email11 =
| summit_session_attendee_username11 =
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 =
| summit_session_attendee_email12 =
| summit_session_attendee_username12 =
| summit_session_attendee_company12=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 =
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 =
| summit_session_attendee_email14 =
| summit_session_attendee_username14 =
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 =
| summit_session_attendee_email15 =
| summit_session_attendee_username15 =
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16 =
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._university.jpg]]
| summit_ws_logo = [[Image:WS._university.jpg]]
| summit_session_name = Developer's Security Training Package
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session042
| mailing_list =

|-

| short_working_session_description= Compile a set of documents and slides to assist in the delivery of a security training class for developers

|-

| related_project_name1 = OWASP Development Guide, OWASP Secure Coding Practices - Quick Reference Guide, OWASP Enterprise Security API (ESAPI) Project,
| related_project_url_1 =

| related_project_name2 = OWASP Code Review Guide,
| related_project_url_2 =

| related_project_name3 = OWASP Application Security Verification Standard Project,
| related_project_url_3 =

| related_project_name4 = OWASP Testing Guide,
| related_project_url_4 =

| related_project_name5 = OWASP Top Ten Project
| related_project_url_5 =

|-

| summit_session_objective_name1= To create an organized package that can be used by companies for the purposes of educating developers on securely coding web applications and web services

| summit_session_objective_name2 =

| summit_session_objective_name3 =

| summit_session_objective_name4 =

| summit_session_objective_name5 =

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = A curriculum for the above based on OWASP materials and a plan to build it out.

|summit_session_deliverable_name2 =

|summit_session_deliverable_name3 =

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Brad Causey
| summit_session_leader_email1 = bradcausey@owasp.org

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =
|-

| meeting_notes =

|-

| session_name_mask =  Session042
| session_home_page =  Summit_2011_Working_Sessions/Session042
}}

Summit 2011 Working Sessions/Session092

2011-02-06T13:57:05Z

Msaario:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Lucas C. Ferreira
| summit_session_attendee_email1 = lucas.ferreira@owasp.org
| summit_session_attendee_username1 =
| summit_session_attendee_company1=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name1 = Eoin Keary
| summit_session_attendee_email1 = eoin.keary@owasp.org
| summit_session_attendee_username1 = EoinKeary
| summit_session_attendee_company1=Ernst & Young
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Achim Hoffmann
| summit_session_attendee_email2 = achim@owasp.org
| summit_session_attendee_username2 = Achim
| summit_session_attendee_company2= sic[!]sec
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Steven van der Baan
| summit_session_attendee_email3 = steven.van.der.baan@owasp.org
| summit_session_attendee_username3 =
| summit_session_attendee_company3=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Cecil Su
| summit_session_attendee_email4 = cecil.su@owasp.org
| summit_session_attendee_username4 =
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Sherif Koussa
| summit_session_attendee_email5 = sherif.koussa@owasp.org
| summit_session_attendee_username5 =
| summit_session_attendee_company5= Software Secured
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Matthias Rohr
| summit_session_attendee_email6 = m.rohr@sec-consult.com
| summit_session_attendee_username6 =
| summit_session_attendee_company6= SEC Consult
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Vishal Garg
| summit_session_attendee_email7 = vishalgrg@gmail.com
| summit_session_attendee_username7 =
| summit_session_attendee_company7= AppSecure Labs
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 = Chris Eng
| summit_session_attendee_email8 = ceng@veracode.com
| summit_session_attendee_username8 =
| summit_session_attendee_company8= Veracode
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 = Nishi Kumar
| summit_session_attendee_email9 = nishi.kumar@owasp.org
| summit_session_attendee_username9 =
| summit_session_attendee_company9= FIS
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 = Michael Coates
| summit_session_attendee_email10 = mcoates@mozilla.org
| summit_session_attendee_username10 =
| summit_session_attendee_company10= Mozilla
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 = Giorgio Fedon
| summit_session_attendee_email11 =
| summit_session_attendee_username11 = gfedon
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 = Keith Turpin
| summit_session_attendee_email12 = keith.turpin@owasp.org
| summit_session_attendee_username12 = Keith_Turpin
| summit_session_attendee_company12=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 = Ofer Maor
| summit_session_attendee_email13 = ofer.maor@owasp.org
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 = Nuno Loureiro
| summit_session_attendee_email14 = nuno@sig9.net
| summit_session_attendee_username14 =
| summit_session_attendee_company14= SAPO
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 = Mikko Saario
| summit_session_attendee_email15 = midis@ovi.com
| summit_session_attendee_username15 =
| summit_session_attendee_company15= Nokia
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16 =
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17 =
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18 =
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19 =
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20 =
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
|-
| summit_track_logo = [[Image:T._mitigation.jpg]]
| summit_ws_logo = [[Image:WS._mitigation.jpg]]
| summit_session_name = Scaling Web Application Security Testing
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session092
| mailing_list =

|-

| short_working_session_description= One of the challenge that large companies have is how to scale web application security testing when hundreds if not thousands of applications need to be retested regularly. The objective of this Working Sessions is for the security teams that are trying to do this today (including Tools and Host based solutions) to exchange ideas, expose current problems and share solutions

|-

| related_project_name1 =
| related_project_url_1 =

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1=

| summit_session_objective_name2 =

| summit_session_objective_name3 =

| summit_session_objective_name4 =

| summit_session_objective_name5 =

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = A white paper describing strategies for scaling application security verification programs beyond a single application at a time. Should address achieving coverage of expected controls, depth of assurance, both automated and manual approaches, custom rules, rule management, rule deployment.

|summit_session_deliverable_name2 =

|summit_session_deliverable_name3 =

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Arian Evans
| summit_session_leader_email1 =
| summit_session_leader_username1 =

| summit_session_leader_name2 = Dinis Cruz
| summit_session_leader_email2 = dinis.cruz@owasp.org
| summit_session_leader_username2 = Dinis.cruz

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =

|-

| meeting_notes =

|-
| session_name_mask =  Session092
| session_home_page =  Summit_2011_Working_Sessions/Session092
}}

Summit 2011 Working Sessions/Session055

2011-02-05T11:31:34Z

Msaario: Added Mikko Saario to attendee list

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
|-

| summit_session_attendee_name1 = Tony UcedaVelez
| summit_session_attendee_email1 = tonyuv@owasp.org
| summit_session_attendee_username1 = Tony UcedaVelez
| summit_session_attendee_company1= VerSprite
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=

| summit_session_attendee_name2 = Justin Clarke
| summit_session_attendee_email2 = justin.clarke@owasp.org
| summit_session_attendee_username2 = Justin42
| summit_session_attendee_company2= Gotham Digital Science
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name2 = Eoin Keary
| summit_session_attendee_email2 = eoin.keary@owasp.org
| summit_session_attendee_username2 = EoinKeary
| summit_session_attendee_company2= Ernst & Young
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=

| summit_session_attendee_name3 = Sherif Koussa
| summit_session_attendee_email3 = sherif.koussa@owasp.org
| summit_session_attendee_username3 = Koussa
| summit_session_attendee_company3= Software Secured
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=

| summit_session_attendee_name4 = Konstantinos Papapanagiotou
| summit_session_attendee_email4 = Konstantinos@owasp.org
| summit_session_attendee_username4 = conpap
| summit_session_attendee_company4= Syntax IT Inc
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

| summit_session_attendee_name5 = Vishal Garg
| summit_session_attendee_email5 = vishalgrg@gmail.com
| summit_session_attendee_username5= Vishal_Garg
| summit_session_attendee_company5= AppSecure Labs Ltd
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=

| summit_session_attendee_name6 = Mateo Martinez
| summit_session_attendee_email6 = mateo.martinez@owasp.org
| summit_session_attendee_username6=
| summit_session_attendee_company6=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=

| summit_session_attendee_name7 = Mikko Saario
| summit_session_attendee_email7 = midis@ovi.com
| summit_session_attendee_username7=
| summit_session_attendee_company7= Nokia
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=

| summit_session_attendee_name8 =
| summit_session_attendee_email8 =
| summit_session_attendee_username8=
| summit_session_attendee_company8=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=

| summit_session_attendee_name9 =
| summit_session_attendee_email9 =
| summit_session_attendee_username9=
| summit_session_attendee_company9=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=

| summit_session_attendee_name10 =
| summit_session_attendee_email10 =
| summit_session_attendee_username10=
| summit_session_attendee_company10=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=

| summit_session_attendee_name11 =
| summit_session_attendee_email11 =
| summit_session_attendee_username11=
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=

| summit_session_attendee_name12 =
| summit_session_attendee_email12 =
| summit_session_attendee_username12=
| summit_session_attendee_company12 =
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=

| summit_session_attendee_name13 =
| summit_session_attendee_email13 =
| summit_session_attendee_username13 =
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=

| summit_session_attendee_name14 =
| summit_session_attendee_email14 =
| summit_session_attendee_username14=
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=

| summit_session_attendee_name15 =
| summit_session_attendee_email15 =
| summit_session_attendee_username15=
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=

| summit_session_attendee_name16 =
| summit_session_attendee_email16 =
| summit_session_attendee_username16=
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=

| summit_session_attendee_name17 =
| summit_session_attendee_email17 =
| summit_session_attendee_username17=
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=

| summit_session_attendee_name18 =
| summit_session_attendee_email18 =
| summit_session_attendee_username18=
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=

| summit_session_attendee_name19 =
| summit_session_attendee_email19 =
| summit_session_attendee_username19=
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=

| summit_session_attendee_name20 =
| summit_session_attendee_email20 =
| summit_session_attendee_username20=
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=

|-
| summit_track_logo = [[Image:T._metrics.jpg]]
| summit_ws_logo = [[Image:WS._metrics.jpg]]
| summit_session_name = Risk Metrics
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session055
| mailing_list =

|-

| short_working_session_description= We all know that you can’t control what you can’t measure and that you need to measure the right things or you won’t be steering towards the right outcome. For this session we will define the right outcome as “low risk to an organization from vulnerabilities in applications.” This session will discuss assigning business risk to applications and it would also be great if this could be translated into monetary risk to determine if an organizations investment in applications is not too much or too little. This is a big unsolved problem so come prepared with ideas and be willing to take part in a discussion.

|-

| related_project_name1 =
| related_project_url_1 =

| related_project_name2 =
| related_project_url_2 =

| related_project_name3 =
| related_project_url_3 =

| related_project_name4 =
| related_project_url_4 =

| related_project_name5 =
| related_project_url_5 =

|-

| summit_session_objective_name1= Quantify business criticality of a deployed application

| summit_session_objective_name2 = Translate technical risks into business risks (speak the language of management)

| summit_session_objective_name3 = Translate technical risk into approximate financial risk

| summit_session_objective_name4 =

| summit_session_objective_name5 =

|-

| working_session_date_and_time =

|-

| discussion_model = participants and attendees

|-

| operational_resources = Projector, whiteboards, markers, Internet connectivity, power

|-

| working_session_additional_details =

|-

|summit_session_deliverable_name1 = Paper describing definitions and formula for determining business criticality

|summit_session_deliverable_name2 = Paper translating technical language and risks into business language and monetary risk

|summit_session_deliverable_name3 =

|summit_session_deliverable_name4 =

|summit_session_deliverable_name5 =

|summit_session_deliverable_name6 =

|summit_session_deliverable_name7 =

|summit_session_deliverable_name8 =

|-

| summit_session_leader_name1 = Chris Wysopal
| summit_session_leader_email1 = cwysopal@Veracode.com
| summit_session_leader_username1 = Chris Wysopal

| summit_session_leader_name2 =
| summit_session_leader_email2 =
| summit_session_leader_username2 =

| summit_session_leader_name3 =
| summit_session_leader_email3 =
| summit_session_leader_username3 =

|-

| operational_leader_name1 =
| operational_leader_email1 =
| operational_leader_username1 =
|-

| meeting_notes =

|-
| session_name_mask =  Session055
| session_home_page =  Summit_2011_Working_Sessions/Session055
}}

Helsinki

2008-11-06T20:50:28Z

Msaario: /* OWASP Helsinki Meeting #7: Tuesday November 11 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting #7: Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-06T20:50:13Z

Msaario: /* OWASP Helsinki Meeting #7: Tuesday November 11 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting #7: Tuesday November 11 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-06T20:49:52Z

Msaario: /* OWASP Helsinki Meeting: Tuesday November 11 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting #7: Tuesday November 11 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-06T20:47:28Z

Msaario: /* OWASP Helsinki Meeting: Tuesday November 11 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: Tuesday November 11 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-06T20:46:16Z

Msaario: /* OWASP Helsinki Meeting: Tuesday November 11 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: Tuesday November 11 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Antti Vähä-Sipilä, Nokia: SAFECode'''

*Introduction and overview of SAFECode
*SAFECode publications

'''17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-06T07:38:02Z

Msaario: /* OWASP Helsinki Meeting: Tuesday November 11 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: Tuesday November 11 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:58:16Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Juhani Eronen, CERT-FI: A recent security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:57:20Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Juhani Eronen, CERT-FI: A recent security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

'''18:30 or so'''

* Enjoy local establishments at own risk :) [cerveza etc]

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:55:37Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:20 Juhani Eronen, CERT-FI: A recent security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:55:05Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''17:00 Welcome by Anssi Laulajainen, OWASP Chapter Leader'''

*Current state and progress of OWASP Top 10 Finnish translation

'''17:15 Juhani Eronen, CERT-FI: A recent security vulnerability'''

*Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.

'''Discussion'''

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:46:46Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* CERT-FI: A recent security vulnerability, Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.'''

'''* Discussion'''

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:29:25Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* CERT-FI: A recent security vulnerability.'''

'''* Discussion'''

''' PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-05T14:26:38Z

Msaario: /* OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki'''

'''Time: 17:00-18:30'''

'''Schedule''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* CERT-FI: A recent security vulnerability.'''

'''* Discussion'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-11-03T14:17:42Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting: <TIME AND PLACE TO BE CONFIRMED> ==

'''Location: TBD'''

'''Approximate time: TBD'''

'''Schedule''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* MAIN TOPIC'''

''' [Sorry folks, we have had some issues locking down a main presentation, therefore this will likely move to a later date]'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-10-24T11:39:54Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting, Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11 - 13, 00180 Helsinki'''

'''Approximate time: 17.00 - 18.30'''

'''Schedule (working titles at this time - indicative of planned contents)''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* [More discussions being planned]'''

''''' STAY TUNED!'''''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-10-24T06:33:42Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

<paypal>Helsinki</paypal>

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting, Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11 - 13, 00180 Helsinki'''

'''Time: 17.00 - 18.30'''

'''Schedule (working titles at this time - indicative of planned contents)''' 

'''* Latest OWASP updates'''

i.e. something like 'the current state and progress of OWASP Top 10 Finnish translation'. 

'''* Detailed analysis of a real-life web intrusion'''

'''* What can be the consequences of a seemingly innocent security issue?'''

'''* [One more discussion being planned]'''

''''' STAY TUNED!'''''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-10-01T13:54:06Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting, Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11 - 13, 00180 Helsinki'''

'''Time: 17.00 - 18.30 (NEW TIME)'''

'''Schedule (working titles at this time - indicative of planned contents)'''

'''* Latest OWASP updates'''

'''* Real-life incident dissemination(s)'''

'''* What can be the consequences of a seemingly innocent security issue?'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-10-01T11:10:52Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting, Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti, Itämerenkatu 11 - 13, 00180 Helsinki'''

'''Time: 18.30 - 20.30'''

'''Schedule'''
'''TBA'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2008-09-26T12:47:18Z

Msaario: /* OWASP Helsinki Meeting, Tuesday November 11th 2008 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:antti@owasp.org Antti Laulajainen]
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== Current Activities ==

Currently OWASP Helsinki is working on the following tasks:
*[[Top 10 2007 Finnish]] aim to translate OWASP Top 10 list in Finnish

== OWASP Helsinki Meeting, Tuesday November 11th 2008 ==

'''Location: Nokia Ruoholahti'''

'''Time: 18.30 - 20.30'''

'''Schedule'''
'''TBA'''

== OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008 ==

'''Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki'''

'''Time: 18.00 - 20.00'''

'''Schedule'''

'''18.00 Welcome and recent activities. Antti Laulajainen '''

'''18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware'''

*KPMG Oy IT Security Advisory marketing presentation 15 min
*Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)

'''Snacks available. Send your reservations to Anssi's mail address, anssi.porttikivi@kpmg.fi. Room for 20 participants.'''

'''Note! Be in time, because the reception closes at 18.'''

== OWASP Goes! CERT-FI, Thursday, June 12th 2008 ==

'''Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki'''

'''Time: 16.00 - 20.00'''

'''Schedule'''

'''16.00 Welcome and recent activities. Antti Laulajainen '''

'''16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI'''

'''16.30 Vulnerability coordination. Juhani Eronen'''
* CERT-FI as a vulnerability coordinator
* Coordination examples

'''18.00 Possibility to continue the evening at the One Pint Pub'''
* If someone fancies a (self-financed) beer

'''Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.'''

== OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008 ==

Thank you for attending.

You can download the presentation here''' https://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf

Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715

'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki'''

'''Time: 16.00 - 20.00'''

Welcome to spring meeting 2008.

'''Schedule'''

'''16.00 - 16.10 OWASP update. Antti Laulajainen'''

'''16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen'''

'''17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)'''

Hope to see as many of you as possible!

== OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''Time: 18.30 - 20.30'''

Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.

We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.

'''Schedule'''

'''18.30 - 18.40 OWASP update. Antti Laulajainen'''

'''18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov'''

Hope to see as many of you as possible!

== OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008 ==
'''Location: IBM, Laajalahdentie 23, 00330 Helsinki.'''
'''Time: 11.15 - 19.00'''

OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385

'''You can download the presentation here''' https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf

See program below. Most of it is Finnish only
*11.15 Ilmoittautuminen alkaa
*11.15-12.00 Buffet-lounas
*12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry

KEYNOTE

*12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
*13.30-13.45 Kahvitauko
*13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
*15.30-15.45 Tauko
*15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
*16.30-17.15 Jazz Update IBM
*17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
 

== OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008 ==
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors.
 A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter.
 
'''You can download the presentation here''': https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
 

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==
'''Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

Thank you for all participants and Mark from great presentation.

Coverage of the meeting in the local news (in Finnish):
http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen'''

'''18:40 Naked Software Security. Mark Curphey'''
*Commentary on how to build secure software
*Thoughts on the industry

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

OWASP Community

2007-09-29T05:37:06Z

Msaario: /* Events */

This page is for people to post OWASP related events, such as chapter meetings, OWASP conferences, get-togethers, and OWASP sponsored events.

Events from previous years are archived here:
* '''[[OWASP Community 2006]]'''

This page is monitored, and items posted here will be copied to the OWASP [[Main Page]]. Please post new items in chronological order using the following format:

'''Mon ## (##:00h) - [[Article]]'''



==Events==
'''Oct 2 (1830h) - [[Helsinki|Helsinki chapter meeting]]'''

'''Sept 27 (1800h) - [[New York|NY/NJ Metro chapter meeting]]'''

'''Sept 27 (13:00h) - [[Taiwan|Taiwan chapter meeting]]'''

'''Sept 13 (18:00h) - [[Netherlands|Netherlands chapter meeting]]'''

'''Sept 10 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''Sept 7 (15:00h) [[Germany|German chapter meeting]]''' - Restart of the German Chapter

'''Sept (12:00h) - [[Belgium|Belgium OWASP Day Event]] '''

'''Sept 6 (18:00h) - [[Kansas_City|Kansas City Chapter meeting]]'''

'''Sept 5 (18:00h) - [[Chicago|Chicago Chapter Meeting]]'''

'''Sept 5 (17:00h) - [[Israel|Israeli chapter meeting]]'''

'''July 25 (18:00h) - [[San Jose|San Jose Chapter Meeting]]'''

'''July 24 (17:00h) - [[Switzerland|Switzerland chapter meeting]]'''

'''July 14 (11:00h) - [[Turkey|Turkey chapter meeting - 1st Web Security Days]]'''

'''July 6 (17:00h) - [[Spain|Spain chapter meeting]]'''

'''June 26 (11:30hr) - [[Austin|Austin chapter meeting]]''' - Running Web Application Scans

'''June 22 (18:00h) - [[Belgium|Belgium chapter meeting]]'''

'''June 21 (19:00h) - [[Denver]]''' - Anti-DNS Pinning Attacks / Calculating Return on Security Investment (ROSI)

'''June 19 (18:00h) - [[Minneapolis St Paul|Minneapolis St Paul chapter meeting]]'''

'''June 15 (17:00hr) - [[Spain|Spain chapter meeting]]'''

'''June 13 (18:30hr) - [[Kansas City|Kansas City chapter meeting]]'''

'''June 12 (18:00hr) - [[New York|NY/NJ Metro chapter meeting]]'''

'''Jun 5 (19:00h) - [[Helsinki|Helsinki chapter meeting]]'''

'''Jun 5 (18:00h) - [[Melbourne|Melbourne chapter meeting]]'''

'''Jun 5 (17:30h) - [[Houston | Houston Chapter Meeting]]'''

'''May 29 (9:00h) - [[http://www.owasp.org/index.php/Italy#May_29th.2C_2007_-_Seminar:_.22Software_Security.22 Italy@Firenze Tecnologia]]'''

'''May 29 (11:30h) - [[Austin | Austin Chapter Meeting]]''' - Bullet Proof UI - A programmer's guide to the complete idiot".

'''May 29 (18:00h) - [[Ottawa | Ottawa Chapter Meeting]]'''

'''May 22 (18:30h) - [[New Zealand|1st New Zealand chapter Meeting]]'''

'''May 21 (14:00h) - [[Israel|2nd OWASP Israel mini conference]]'''

'''May 15 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''May 10 (18:00h) - [[Belgium|Belgium chapter meeting]]'''

'''May 9 (18:00h) - [[Toronto|Toronto chapter meeting]]'''

'''May 8 (18:00h) - [[Virginia (Northern Virginia)|Washington DC (N. VA) chapter meeting]]'''

'''May 6 (11:00h) - [[Turkey|Turkey chapter meeting]]'''

'''May 2 (18:30h) - [[Boston|Boston chapter meeting]]'''

'''May 1 (18:00h) - [[Melbourne|Melbourne chapter meeting]]'''

'''Apr 26 (11:00h) - [[San Antonio|San Antonio chapter meeting]]'''

'''Apr 26 (17:00h) - [[Switzerland|Switzerland chapter meeting and "Swiss Security Dinner"]]'''

'''Apr 24 (18:00h) - [[Minneapolis St Paul|Minneapolis St Paul chapter meeting]]'''

'''Apr 20 (19:00h) - [[Hong Kong|Hong Kong chapter meeting - Objectives for 2007]]'''

'''Apr 19 (18:00h) - [[Virginia (Northern Virginia)|Washington DC (N. VA) chapter meeting]]'''

'''Apr 18 (17:00h) - [[San Francisco City Chapter Meeting]]'''

'''Apr 17 (18:00h) - [[New Jersey|NY/NJ Metro chapter meeting]]'''

'''Apr 17 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''Apr 12 (18:00h) - [[Netherlands|Netherlands chapter meeting]]'''

'''Apr 12 (18:00h) - [[San Jose|San Jose chapter meeting]]'''

'''Apr 11 (18:00h) - [[Toronto|Toronto chapter meeting]]'''

'''Apr 4 (18:30h) - [[Boston|Boston chapter meeting]]'''

'''Apr 3 (18:00h) - [[Melbourne|Melbourne chapter meeting]]'''

'''Mar 30 - [[http://www.owasp.org/index.php/Italy#March_30th.2C_2007_-_Master_in_Security_-_University_of_Rome_.22La_Sapienza.22| Italy@Master in Security at "La Sapienza"]]'''

'''Mar 28 (18:00h) - [[Washington DC|Washington DC (MD) chapter meeting]]'''

'''Mar 28 (11:30h) - [[San Antonio|San Antonio chapter meeting]]'''

; '''Mar 27-30 - [http://www.blackhat.com Black Hat Euro]'''
: OWASP members receive a Euro 100 Briefings discount by inserting BH7EUASSOC in the box marked “Coupon Codes”

'''Mar 22 (18:00h) - [[London|London chapter meeting]]'''

'''Mar 21-22 - [[Belgium#OWASP_Top_10_2007_Update_.28Infosecurity_Belgium.2C_21_.26_.2622_Mar_2007.29|Belgium@InfoSecurity]]'''

'''Mar 20 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''Mar 14 (18:00h) - [[Toronto|Toronto chapter meeting]]'''

'''Mar 14 (18:00h) - [[Chicago|Chicago chapter meeting]]'''

'''Mar 13 (18:00h) - [[Virginia (Northern Virginia)|Washington DC (N. VA) chapter meeting]]'''

'''Mar 8 (18:00h) - [[Ottawa|Ottawa Chapter Meeting]] '''

'''Mar 7 (18:30h) - [[Boston|Boston chapter meeting]]'''

'''Mar 7 (18:30h) - [[Kansas City|Kansas City chapter meeting]]'''

'''Mar 6 (18:30h) - [[Philadelphia|Philadelphia chapter meeting]]'''

'''Mar 6 (18:30h) - [[San Francisco|San Francisco and San Jose chapter meeting]]'''

'''Mar 6 (18:00h) - [[Melbourne|Melbourne chapter meeting]]'''

'''Mar 5 (11:00h) - [[New Jersey|New Jersey chapter meeting]]'''

'''Mar 1 (11:30h) - [http://www.eusecwest.com/agenda.html EUSecWest 07: Testing Guide]'''

; '''Feb 26-Mar 1 - [http://www.blackhat.com Black Hat DC]'''
: OWASP members receive a $100 Briefings discount by inserting BH7DCASSOC in the box marked “Coupon Codes”

'''Feb 28 (18:00h) - [[Seattle|Seattle chapter meeting]]'''

'''Feb 27 (18:00h) - [[Edmonton|Edmonton chapter meeting]]'''

'''Feb 22 (18:30h) - [[Helsinki|Helsinki chapter meeting]]'''

'''Feb 22 (18:00h) - [[London|London chapter meeting]]'''

'''Feb 21 (18:30h) - [[Denver|Denver chapter meeting]]'''

'''Feb 19 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''Feb 15 (18:00h) - [[Washington DC|Washington DC (MD) chapter meeting]]'''

'''Feb 15 (18:00h) - [[Virginia (Northern Virginia)|Washington DC (N. VA) chapter meeting]]'''

'''Feb 14 (18:00h) - [[Toronto|Toronto chapter meeting]]'''

'''Feb 13 (18:00h) - [[Ireland|Ireland chapter meeting]]'''

'''Feb 12 (18:30h) - [[Switzerland|Switzerland chapter meeting]]'''

'''Feb 7 (18:30h) - [[Boston|Boston chapter meeting]]'''

'''Feb 6-7 - [[Italy#February_6th-8th.2C_2007_-_InfoSecurity|Italy@InfoSecurity]]'''

'''Feb 6 (18:00h) - [[Melbourne|Melbourne chapter meeting]]'''

'''Feb 2 (14:00h) - [[Chennai|Chennai chapter meeting]]'''

'''Jan 31 (15:00h) - [[Mumbai|Mumbai chapter meeting]]'''

'''Jan 30 (11:30h) - [[Austin|Austin chapter meeting]]'''

'''Jan 25 (18:00h) - [[San Francisco| San Francisco chapter meeting]]'''

'''Jan 25 (14:30h) - [[Italy#October_25th.2C_2007_-_Isaca_Rome|Italy@ISACA Rome]]'''

'''Jan 24 (17:30h) - [[Israel#6th_OWASP_IL_meeting:_Wednesday.2C_January_24th_2007|6th OWASP Israel chapter meeting]]'''

'''Jan 23 (18:00h) - [[Belgium|Belgium chapter meeting]]'''

'''Jan 22 (18:00h) - [[Rochester|Rochester chapter meeting]]'''

'''Jan 17 (18:30h) - [[Denver|Denver chapter meeting]]'''

'''Jan 16 (17:45h) - [[Edmonton|Edmonton chapter meeting]]'''

'''Jan 11 (18:00h) - [[Netherlands|Netherlands chapter meeting]]'''

'''Jan 11 (18:30h) - [[Phoenix|Phoenix chapter meeting]]'''

'''Jan 11 (18:00h) - [[Virginia (Northern Virginia)|Washington DC (N. VA) chapter meeting]]'''

'''Jan 10 (18:00h) - [[Toronto|Toronto chapter meeting]]'''

'''Jan 8 (18:00h) - [[Seattle|Seattle chapter meeting]]'''

'''Jan 3 (18:30h) - [[Boston|Boston chapter meeting]]'''

'''May 1 - [[Melbourne | Melbourne chapter meeting]]'''

'''May 2 - [[Boston]]'''

'''May 6 - [[Turkey]]'''

'''May 8 - [[Virginia (Northern Virginia)|Washington DC (VA)]]'''

'''May 9 - [[Toronto]]'''

'''May 10 - [[Belgium]]'''

'''May 15 - [[Rochester]]'''

'''May 21 - [[Israel]]'''

'''May 22 - [[New Zealand]]'''

'''May 29 - [[Italy]]'''

'''June 5 - [[Houston]]'''

'''June 5 - [[Melbourne]]'''

'''June 5 - [[Helsinki]]'''

'''June 12 - [[New Jersey]]'''

'''June 15 - [[Spain]]'''

'''July 14 - [[Turkey]]'''

Helsinki

2007-09-20T23:43:34Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''18:30, Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T23:43:05Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18:30, Ixonos, Hitsaajankatu 20, 00810 Helsinki.'''

''' '''

'''WELCOME!'''

''' '''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T23:42:38Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18:30 at Ixonos premises Hitsaajankatu 20, 00810 Helsinki.'''

''' '''

'''WELCOME!'''

''' '''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T23:20:57Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18.30 at Ixonos premises Hitsaajankatu 20, 00810 Helsinki.'''

''' '''

'''WELCOME!'''

''' '''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T20:55:27Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, Oct 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18.30 at Ixonos premises Hitsaajankatu 20, 008100 Helsinki.'''

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T20:55:11Z

Msaario: /* OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, Oct 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18.30 at Ixonos premises Hitsaajankatu 20, 008100 Helsinki.'''

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T20:54:35Z

Msaario: /* OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE (Application Consulting & Engineering) team in Europe - to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!

'''Time: 18.30 at Ixonos premises Hitsaajankatu 20, 008100 Helsinki.'''

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T20:52:31Z

Msaario: /* OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE team in Europe - to visit Finland and have a presentation on a web app security topic in the meeting. Hopefully as many as of you possible can participate!

'''Time: 18.30 at Ixonos premises Hitsaajankatu 20, 008100 Helsinki.'''

'''WELCOME!'''

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-09-20T20:51:36Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007, TBD */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 with Mark Curphey, Tuesday, Oct 2 2007 ==

We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft's ACE team in Europe - to visit Finland and have a presentation on a web app security topic in the meeting. Hopefully as many as of you possible can participate!

Time: 18.30 at Ixonos premises Hitsaajankatu 20, 008100 Helsinki.

WELCOME!

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-07-31T10:52:30Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007, Mini-conference, TBD */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, TBD ==

Due to the chapter leader change process taking place (old one i.e. me leaving the country), all current plans are shelved for the moment. Once there is a new leader onboard, planning for the next event will resume.

Stay tuned...

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

OWASP on the Move

2007-06-11T10:44:34Z

Msaario: /* Current demand */

This new program allows local chapter or application security conferences to have OWASP presenters on site.

This page will allow 3 parties to find each other:

* OWASP speakers to entertain OWASP presentations and that want to see the world
* Local chapters or application security events that want to attract an OWASP speaker
* OWASP sponsors that want to support spreading the OWASP message

== Current demand ==
Add your demand here:
* [[Helsinki]] is looking for OWASP speakers on the SDLC topic for a mini-conference. Expected timing is late August, early Sept. Sponsors and potential speakers are requested to contact Mikko.

== Current offerings ==
If you want to (re)do an OWASP related presentation, propose them here with your availability boundaries (timing/geographical)
* you?

== OWASP on the Move Events ==
We already have one example in [[Belgium]] were Ivan Ristic and Dinis Cruz will come to the next chapter meeting (sponsored by F5 Networks locally).

Helsinki

2007-06-08T11:29:35Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, Mini-conference, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Planning is underway for a mini-conference, but as always, plans do change and this site will be updated with the latest information as soon as it becomes available!

Stay tuned...

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-06-08T11:29:18Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, Mini-conference, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Planning is underway for a mini-conference, but as always, plans do change and this site will be updated with the latest information as soon as it becomes available!

Stay tuned...

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-06-08T11:26:44Z

Msaario: /* OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, Mini-conference, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Planning is underway for a mini-conference, but as always, plans do change and this site will be updated with the latest information as soon as it becomes available!

Stay tuned...

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-06-08T07:11:23Z

Msaario: /* OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, Mini-conference, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Planning is underway for a mini-conference, but as always, plans do change and this site will be updated with the latest information as soon as it becomes available!

Stay tuned...

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-30T14:00:01Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP XML Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-30T13:58:15Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

'''19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.'''

'''19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".'''

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP Xml Security Gateway Evaluation Criteria Project

'''20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.'''

(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

'''20:45 Enter Bar 52...'''
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-30T13:56:13Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.

19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP Xml Security Gateway Evaluation Criteria Project

20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.
(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

20:45 Enter Bar 52...
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-30T13:55:37Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.

19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria".

Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP Xml Security Gateway Evaluation Criteria Project

20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.
(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

20:45 Enter Bar 52...
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-30T13:53:51Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.

19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria". Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject.
Topics to be covered:
* XML Security Gateways
* Message level threats and security countermeasures in Web services
* OWASP Xml Security Gateway Evaluation Criteria Project

20:15 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.
(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)

20:45 Enter Bar 52...
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-18T11:44:43Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Venue: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome

19:05 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria". He will discuss SOA/WS/XML security in detailed level and provide an update of his OWASP XML GW project. Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject.

19:40 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.

20:15 3rd presentation still open...!

20:45 Enter Bar 52...
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...

Helsinki

2007-05-09T18:26:09Z

Msaario: /* OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 */

{{Chapter Template|chaptername=Helsinki|extra=The chapter leader is [mailto:Mikko.Saario@nokia.com Mikko Saario]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-helsinki|emailarchives=http://lists.owasp.org/pipermail/owasp-helsinki}}

== Local News ==

'''Welcome to the OWASP Helsinki Chapter'''

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

== OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD ==

This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

== OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007 ==

Date: June 5th

Venue: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome

19:05 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria". Topic to be announced. Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject.

19:40 2nd presentation. Presenter and topic being planned.

20:15 3rd presentation. Presenter and topic being planned.

20:45 Enter Bar 52...
--> Enjoy (sponsored) beverages.

== OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007 ==

Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

'''Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.'''

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

== OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young ==

The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

'''19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)'''

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

'''19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.'''

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...