https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=OwaspleedsOWASP - User contributions [en]2026-05-06T13:01:09ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=User:Martin_Law&diff=211892User:Martin Law2016-03-28T12:50:26Z<p>Owaspleeds: </p>
<hr />
<div>Leeds Chapter Leader<br />
<br />
A seasoned security professional with over 25 years of in depth experience. Specialising in [http://info.agilityis.uk penetration testing], [http://www.hackingthehuman.org/ social engineering], secure design and development, and a strong background in ISMS (27k). <br />
<br />
[http://uk.linkedin.com/in/martinlaw Martin Law] owns and runs [http://www.agilityis.uk AgilityIS] (Agility IS Ltd) who provide information security assurance services to a broad range of clients.<br />
<br />
Martin has a very strong technical background, having started as a developer of UNIX systems some 30 years ago. Writing TCP/IP and SCSI device drivers, firmware, embedded systems, and later focusing on real time operating systems including OS-9, VRTX and VxWorks. Secure coding was essential with software being used for very sensitive applications including fly-by-wireless aircraft, critical industrial control systems, navigation, railway signalling, and defence projects. <br />
<br />
''Note that Martin withdrew from [http://www.first-defence.net/ First Defence Information Security] in June 2015 and has had no involvement with the business since.''</div>Owaspleedshttps://wiki.owasp.org/index.php?title=User:Martin_Law&diff=211891User:Martin Law2016-03-28T12:46:52Z<p>Owaspleeds: </p>
<hr />
<div>Leeds Chapter Leader<br />
<br />
A seasoned security professional with over 25 years of in depth experience. Specialising in [http://info.agilityis.uk penetration testing], [http://www.hackingthehuman.org/ social engineering], secure design and development, and a strong background in ISMS (27k). <br />
<br />
[http://uk.linkedin.com/in/martinlaw Martin Law] owns and runs [http://www.agilityis.uk AgilityIS] (Agility IS Ltd) who information security assurance services to a broad range of clients.<br />
<br />
Martin has a very strong technical background, having started as a developer of UNIX systems some 30 years ago. Writing TCP/IP and SCSI device drivers, firmware, embedded systems, and later focusing on real time operating systems including OS-9, VRTX and VxWorks. Secure coding was essential with software being used for very sensitive applications including fly-by-wireless aircraft, critical industrial control systems, navigation, railway signalling, and defence projects. <br />
<br />
''Note that Martin withdrew from [http://www.first-defence.net/ First Defence Information Security] in June 2015 and has had no involvement with the business since.''</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=211873Leeds UK chapter leaders2016-03-27T21:30:39Z<p>Owaspleeds: </p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Martin Law''' Director - [http://www.agilityis.uk Agility IS Ltd]<br />
<br />
A seasoned security professional with over 25 years security expertise, providing consultancy services to a broad spectrum of clients across all industry sectors.<br />
<br />
Maintaining a considerable depth of technical experience with a career originating in UNIX and TCP/IP some 30 years ago as a developer in open, distributed systems and networking.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the number of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=211872Leeds UK chapter leaders2016-03-27T21:22:52Z<p>Owaspleeds: </p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Martin Law''' Director - Agility IS Ltd<br />
<br />
A seasoned security professional with over 25 years security expertise, providing consultancy services to a broad spectrum of clients across all industry sectors.<br />
<br />
Maintaining a considerable depth of technical experience with a career originating in UNIX and TCP/IP some 30 years ago as a developer in open, distributed systems and networking.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the number of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=211869Leeds UK chapter leaders2016-03-27T21:13:46Z<p>Owaspleeds: </p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Martin Law''' Director - Agility IS Ltd<br />
<br />
A seasoned security professional with over 25 years security expertise, providing consultancy services to a broad spectrum of clients across all industry sectors.<br />
<br />
Maintaining a considerable depth of technical experience with a career originating in UNIX and TCP/IP some 30 years ago as a developer in open, distributed systems and networking.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant - Activity Information Management LTD<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the number of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=211868Leeds UK2016-03-27T21:07:11Z<p>Owaspleeds: </p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
The Leeds chapter has been quiet for a while but we are looking for enthusiatic new members to make this one of the best OWASP chapters once again. We are hoping to accumulate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
== Sponsorship ==<br />
<br />
If your company would like to sponsor the Leeds chapter, or an individual meeting, please get in touch. <br />
<br />
<br />
= Planned Meetings =<br />
<br />
Summer 2016<br />
<br />
<br />
== Last Meeting ==<br />
'''UKSG and OWASP meetings are free to attend and are open to all those interested in web application and information security.<br />
<br />
This is our first combined meeting of the NUKSG and OWASP Leeds groups. We hope that this will encourage new friendships and new interest between the two groups. You can subscribe to both groups to be notified of future events via their websites.<br />
'''<br />
Buffet food and a drink on arrival are kindly provided by our sponsors DVV Solutions and Activity IM (http://www.activityim.com). Please bring your ticket! Further drinks are available for purchase at the venue.<br />
<br />
Please book your place quickly as we expect a big turnout!<br />
<br />
'''6.00pm - Networking Drinks'''<br />
<br />
We will be arriving from 6pm with an opportunity to chat over a beer before we formally start at 6.20pm in the conservatory room.<br />
<br />
'''6.20pm - Introduction'''<br />
<br />
About OWASP and NUKSG, who we are and what we do. How you can get involved and how you can support NUKSG and the work of OWASP. We'll also have a brief update on the NUKSG team entry to White Hat Rally's 2013 pirates and smugglers themed rally - Pieces of V8 - places are available on the team and corporate sponsors needed.<br />
<br />
'''6.30pm - Food!'''<br />
<br />
'''6.45pm - Arron "Finux" Finnon - What is OSNIF?'''<br />
<br />
"Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and that's putting it lightly. I've talked about their limitations for a while, and i get either "that's awesome" or "they've been done to death". The truth is, we achieved nothing in fixing the problem. We can moan about how rubbish they are, we can pretend it's not our problem, or we can start to address the situation.<br />
<br />
For too long we've moaned, we've made comments and done little to make them better. Vendors are making money off products we all know could be doing a better job. Here's a crazy idea, let's talk about the issues, why they suck, and this time actually do something! What is to be lost by trying something new? Let's accept they fail and instead, turn that frown upside down. This talk isn't an answer, it's a beginning. Looking at some of the common and uncommon issues faced in trying to make NIDS/NIPS better, and why we fail at finding solutions. I don't have all the answers, however I intend to answer one simple question; What is OSNIF?"<br />
<br />
Arron "Finux" Finnon is a Research Consultant at Activity Information Management Limited.<br />
<br />
'''7.45pm - Break'''<br />
<br />
'''8.00pm - Campbell Murray - API's, creating and abusing'''<br />
<br />
This talk looks at the rise of the API and its increasing prevalence in web services. As APIs' are more commonly understood their use is growing, but as with all technology, the more people doing it, the more opportunities for getting it wrong. We will take a rapid look into creating, abusing and fixing the Application Programming Interface.<br />
<br />
'''8.55pm - Closing remarks'''<br />
<br />
'''9.00pm - Retire to bar'''<br />
<br />
<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
[[Leeds_UK/June_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=211867Leeds UK2016-03-27T21:06:15Z<p>Owaspleeds: </p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
The Leeds chapter has been quiet for a while but we are looking for enthusiatic new members to make this one of the best OWASP chapters once again. We are hoping to accumulate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
== Sponsorship ==<br />
<br />
If your company would like to sponsor the Leeds chapter, or an individual meeting, please get in touch. <br />
<br />
= Planned Meetings =<br />
<br />
Summer 2016<br />
<br />
<br />
== Last Meeting ==<br />
'''UKSG and OWASP meetings are free to attend and are open to all those interested in web application and information security.<br />
<br />
This is our first combined meeting of the NUKSG and OWASP Leeds groups. We hope that this will encourage new friendships and new interest between the two groups. You can subscribe to both groups to be notified of future events via their websites.<br />
'''<br />
Buffet food and a drink on arrival are kindly provided by our sponsors DVV Solutions and Activity IM (http://www.activityim.com). Please bring your ticket! Further drinks are available for purchase at the venue.<br />
<br />
Please book your place quickly as we expect a big turnout!<br />
<br />
'''6.00pm - Networking Drinks'''<br />
<br />
We will be arriving from 6pm with an opportunity to chat over a beer before we formally start at 6.20pm in the conservatory room.<br />
<br />
'''6.20pm - Introduction'''<br />
<br />
About OWASP and NUKSG, who we are and what we do. How you can get involved and how you can support NUKSG and the work of OWASP. We'll also have a brief update on the NUKSG team entry to White Hat Rally's 2013 pirates and smugglers themed rally - Pieces of V8 - places are available on the team and corporate sponsors needed.<br />
<br />
'''6.30pm - Food!'''<br />
<br />
'''6.45pm - Arron "Finux" Finnon - What is OSNIF?'''<br />
<br />
"Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and that's putting it lightly. I've talked about their limitations for a while, and i get either "that's awesome" or "they've been done to death". The truth is, we achieved nothing in fixing the problem. We can moan about how rubbish they are, we can pretend it's not our problem, or we can start to address the situation.<br />
<br />
For too long we've moaned, we've made comments and done little to make them better. Vendors are making money off products we all know could be doing a better job. Here's a crazy idea, let's talk about the issues, why they suck, and this time actually do something! What is to be lost by trying something new? Let's accept they fail and instead, turn that frown upside down. This talk isn't an answer, it's a beginning. Looking at some of the common and uncommon issues faced in trying to make NIDS/NIPS better, and why we fail at finding solutions. I don't have all the answers, however I intend to answer one simple question; What is OSNIF?"<br />
<br />
Arron "Finux" Finnon is a Research Consultant at Activity Information Management Limited.<br />
<br />
'''7.45pm - Break'''<br />
<br />
'''8.00pm - Campbell Murray - API's, creating and abusing'''<br />
<br />
This talk looks at the rise of the API and its increasing prevalence in web services. As APIs' are more commonly understood their use is growing, but as with all technology, the more people doing it, the more opportunities for getting it wrong. We will take a rapid look into creating, abusing and fixing the Application Programming Interface.<br />
<br />
'''8.55pm - Closing remarks'''<br />
<br />
'''9.00pm - Retire to bar'''<br />
<br />
<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
[[Leeds_UK/June_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=211866Leeds UK2016-03-27T21:02:50Z<p>Owaspleeds: </p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
The Leeds chapter has been quiet for a while but we are looking for enthusiatic new members to make this one of the best OWASP chapters once again. We are hoping to accumulate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
== Sponsorship ==<br />
<br />
If your company would like to sponsor the Leeds chapter, or an individual meeting, please get in touch. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
= Planned Meetings =<br />
<br />
Nov 2012<br />
<br />
Jan 2013<br />
<br />
April 2013<br />
<br />
July 2013<br />
<br />
October 2013<br />
<br />
== Next Meeting ==<br />
'''UKSG and OWASP meetings are free to attend and are open to all those interested in web application and information security.<br />
<br />
This is our first combined meeting of the NUKSG and OWASP Leeds groups. We hope that this will encourage new friendships and new interest between the two groups. You can subscribe to both groups to be notified of future events via their websites.<br />
'''<br />
Buffet food and a drink on arrival are kindly provided by our sponsors DVV Solutions and Activity IM (http://www.activityim.com). Please bring your ticket! Further drinks are available for purchase at the venue.<br />
<br />
Please book your place quickly as we expect a big turnout!<br />
<br />
'''6.00pm - Networking Drinks'''<br />
<br />
We will be arriving from 6pm with an opportunity to chat over a beer before we formally start at 6.20pm in the conservatory room.<br />
<br />
'''6.20pm - Introduction'''<br />
<br />
About OWASP and NUKSG, who we are and what we do. How you can get involved and how you can support NUKSG and the work of OWASP. We'll also have a brief update on the NUKSG team entry to White Hat Rally's 2013 pirates and smugglers themed rally - Pieces of V8 - places are available on the team and corporate sponsors needed.<br />
<br />
'''6.30pm - Food!'''<br />
<br />
'''6.45pm - Arron "Finux" Finnon - What is OSNIF?'''<br />
<br />
"Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and that's putting it lightly. I've talked about their limitations for a while, and i get either "that's awesome" or "they've been done to death". The truth is, we achieved nothing in fixing the problem. We can moan about how rubbish they are, we can pretend it's not our problem, or we can start to address the situation.<br />
<br />
For too long we've moaned, we've made comments and done little to make them better. Vendors are making money off products we all know could be doing a better job. Here's a crazy idea, let's talk about the issues, why they suck, and this time actually do something! What is to be lost by trying something new? Let's accept they fail and instead, turn that frown upside down. This talk isn't an answer, it's a beginning. Looking at some of the common and uncommon issues faced in trying to make NIDS/NIPS better, and why we fail at finding solutions. I don't have all the answers, however I intend to answer one simple question; What is OSNIF?"<br />
<br />
Arron "Finux" Finnon is a Research Consultant at Activity Information Management Limited.<br />
<br />
'''7.45pm - Break'''<br />
<br />
'''8.00pm - Campbell Murray - API's, creating and abusing'''<br />
<br />
This talk looks at the rise of the API and its increasing prevalence in web services. As APIs' are more commonly understood their use is growing, but as with all technology, the more people doing it, the more opportunities for getting it wrong. We will take a rapid look into creating, abusing and fixing the Application Programming Interface.<br />
<br />
'''8.55pm - Closing remarks'''<br />
<br />
'''9.00pm - Retire to bar'''<br />
<br />
<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
[[Leeds_UK/June_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=East_Midlands&diff=135519East Midlands2012-09-09T17:10:28Z<p>Owaspleeds: </p>
<hr />
<div>{{Chapter Template|chaptername=East Midlands, UK|extra=The chapter leaders are [mailto:mark.goodwin@owasp.org Mark Goodwin], [mailto:jamie.shaw@owasp.org Jamie Shaw] and [mailto:drew.masters@owasp.org Drew Masters].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-east-midlands|emailarchives=http://lists.owasp.org/pipermail/owasp-east-midlands}}<br />
<br />
== Local News ==<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
If you would like to talk at future meetings then please get in touch via the mailing list or one of the chapter leaders.<br />
<br />
= Next Meeting =<br />
<br />
'''Date:''' Wednesday, 12th September 2012<br />
<br />
'''Location:''' Loxley House, Station Street, Nottingham. (http://loxley-house.com/location/)<br />
<br />
'''Registration:''' Via [http://www.eventbrite.co.uk/event/4108179676 Eventbrite]<br />
<br />
<br />
'''Talk: An Introduction to the OWASP Top Ten'''<br />
<br />
'''Speaker:''' [[User:Simon Bennetts|Simon Bennetts]] - Security Automation Engineer at Mozilla<br />
<br />
<br />
'''Talk: API Security'''<br />
<br />
'''Speaker:''' [[User:Jason Alexander|Jason Alexander]] - Security Architect at KPMG Advisory <br />
<br />
<br />
'''If you would like to talk at the next meeting please get in contact with one of the chapter leaders.'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings.'''<br />
<br />
= Upcoming Events =<br />
<br />
'''Date:''' TBC<br />
<br />
'''Location:''' TBC<br />
<br />
<br />
'''If you would like to talk at the next meeting please get in contact with one of the chapter leaders.'''<br />
<br />
'''Everyone is welcome to join us at our chapter meetings.'''<br />
<br />
= Past Events =<br />
<br />
'''2012 Dates'''<br />
<br />
'''Date:''' April 25th<br />
<br />
'''Location:''' HEAP Lecture Theatre, University of Derby (Kedleston Road Site), DE22 1GB <br />
<br />
'''Talk by''' [[User:Jamie Shaw|Jamie Shaw]]: Introduction to OWASP and the East Midlands Chapter<br />
<br />
'''Talk by''' [[User:Mark Goodwin|Mark Goodwin]]: Mending the Broken Web<br />
<br />
= Chapter Leaders =<br />
<br />
The chapter leaders are:<br />
<br />
* [[User:Mark Goodwin|Mark Goodwin]]<br />
* [[User:Jamie Shaw|Jamie Shaw]]<br />
* [[User:Drew Masters|Drew Masters]]<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=130989Leeds UK2012-06-05T17:26:14Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds<br />
<br />
'''Location''' This chapter meeting is being kindly hosted by [PWC http://www.pwc.co.uk/governance-risk-compliance/issues/sustainable-information-security.jhtml]. Please ensure you RSVP with a REAL name so that we can supply the information to PWC building security. Please register on eventbrite here: http://www.eventbrite.com/event/3688111240<br />
<br />
https://maps.google.com/maps?f=q&hl=en&q=LS1+4JP&ll=53.796576,-1.556271&spn=0.012218,0.042915<br />
<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
Jason Alexander - Security Architect KPMG, OWASP board member<br />
<br />
Utilising OWASP resources to build security into the SDLC - In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''19:45-20:45'''<br />
<br />
Jason Steer - has worked in IT security for 15 years and works as a solution architect for Silver Tail across Europe<br />
<br />
Silver Tail - will discuss and walk through some real world attacks being seen by our customers web applications from banking, ecommerce, travel etc to show various business logic abuse cases of website functionality. Attacks are on the rise however most businesses are not aware of the extent of attacks on an hourly basis.<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=130974Leeds UK2012-06-05T16:34:11Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds<br />
<br />
'''Location''' This chapter meeting is being kindly hosted by [PWC http://www.pwc.co.uk/governance-risk-compliance/issues/sustainable-information-security.jhtml]. Please ensure you RSVP with a REAL name so that we can supply the information to PWC building security.<br />
<br />
https://maps.google.com/maps?f=q&hl=en&q=LS1+4JP&ll=53.796576,-1.556271&spn=0.012218,0.042915<br />
<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
Jason Alexander - Security Architect KPMG, OWASP board member<br />
<br />
Utilising OWASP resources to build security into the SDLC - In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''19:45-20:45'''<br />
<br />
Jason Steer - has worked in IT security for 15 years and works as a solution architect for Silver Tail across Europe<br />
<br />
Silver Tail - will discuss and walk through some real world attacks being seen by our customers web applications from banking, ecommerce, travel etc to show various business logic abuse cases of website functionality. Attacks are on the rise however most businesses are not aware of the extent of attacks on an hourly basis.<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=130973Leeds UK2012-06-05T16:31:03Z<p>Owaspleeds: /* Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds<br />
<br />
'''Location''' This chapter meeting is being kindly hosted by [PWC http://www.pwc.co.uk/governance-risk-compliance/issues/sustainable-information-security.jhtml]. Please ensure you RSVP with a REAL name so that we can supply the information to PWC building security.<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' TBC<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
Jason Alexander - Security Architect KPMG, OWASP board member<br />
<br />
Utilising OWASP resources to build security into the SDLC - In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''19:45-20:45'''<br />
<br />
Jason Steer - has worked in IT security for 15 years and works as a solution architect for Silver Tail across Europe<br />
<br />
Silver Tail - will discuss and walk through some real world attacks being seen by our customers web applications from banking, ecommerce, travel etc to show various business logic abuse cases of website functionality. Attacks are on the rise however most businesses are not aware of the extent of attacks on an hourly basis.<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=130972Leeds UK2012-06-05T16:28:40Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
June 13th 2012 Venue:TBC<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds<br />
<br />
'''Location''' This chapter meeting is being kindly hosted by [PWC http://www.pwc.co.uk/governance-risk-compliance/issues/sustainable-information-security.jhtml]. Please ensure you RSVP with a REAL name so that we can supply the information to PWC building security.<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' TBC<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
Jason Alexander - Security Architect KPMG, OWASP board member<br />
<br />
Utilising OWASP resources to build security into the SDLC - In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''19:45-20:45'''<br />
<br />
Jason Steer - has worked in IT security for 15 years and works as a solution architect for Silver Tail across Europe<br />
<br />
Silver Tail - will discuss and walk through some real world attacks being seen by our customers web applications from banking, ecommerce, travel etc to show various business logic abuse cases of website functionality. Attacks are on the rise however most businesses are not aware of the extent of attacks on an hourly basis.<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Birmingham&diff=130224Birmingham2012-05-21T16:31:49Z<p>Owaspleeds: /* Chapter News */</p>
<hr />
<div>{{Chapter Template|chaptername=Birmingham, UK|extra=Details of your our Chapter Leaders are here [[Birmingham_Chapter_Leaders]] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-birmingham|emailarchives=http://lists.owasp.org/pipermail/owasp-birmingham}}<br />
If you would like to submit a talk then please [https://docs.google.com/a/fishermansenemy.com/spreadsheet/viewform?formkey=dEtraldFSkh4YWxPWkxwdVFfcGNGRHc6MQ#gid=0 fill in this form]<br />
<br />
OWASP is a charitable organisation. Our chapter meetings are free to attend but there are always costs associated with running them. Any amount of donation is appreciated and will be used entirely to enhance the chapter meetings: <paypal>Birmingham UK</paypal><br />
<br />
== Sponsors ==<br />
<br />
Many thanks to our first silver sponsor, [https://www.hedgehogsecurity.co.uk/ Hedgehog Security]<br />
<br />
[[File:Hedgehogsec.jpg|200px|thumb|left]]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
== Chapter News ==<br />
<br />
'''Planned Chapter Meetings'''<br />
<br />
June 6th 2012 Venue:ICC<br />
<br />
September 2012 Venue:TBC<br />
<br />
December 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 6th June :::<br />
<br />
'''Location:''' <br />
ICC<br />
Broad Street<br />
Birmingham<br />
B1 2AA<br />
<br />
'''Tickets'''<br />
<br />
Sign up for your free tickets at [http://owaspbrum.eventbrite.co.uk/ Eventbrite]<br />
<br />
'''Confirmed Talks'''<br />
<br />
'''Jason Alexander''' <br />
In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''Peter Bassill'''<br />
In this presentation Peter will detail the Apache mod_security module. Mod_security is a powerful addition to the Apache web server that will allow you to add an extra layer to your web applications defence in depth strategy as well as allowing some very handy tricks including virtual patching. <br />
<br />
== Past Events ==<br />
'''Date:''' Friday 23rd March ::: <br />
<br />
'''Location:''' Service Birmingham Offices<br />
<br />
B1 Building <br />
<br />
50 Summerhill Road<br />
<br />
B1 3RB Birmingham<br />
<br />
'''Talks'''<br />
<br />
'''Tom MacKenzie''' will be reprising the talk he gave at Black Hat Abu Dhabi.<br />
<br />
Meticulous attackers can subvert audit controls to the point where a compromise is almost undetectable. We look at the tools and techniques which can be used by attackers to minimise evidence left behind and propose a novel strategy for managing this issue.<br />
<br />
Fully identifying the method and impact of a data compromise is heavily reliant on the forensic information available to investigators. Commonly this is dependent on having logs for the compromised period. However, in the cases where an attacker has taken steps to reduce their footprint on the system, investigations can be more challenging.<br />
<br />
We explore the various evidential sources which are commonly used to identify the extent and method of a web application compromise. We then discuss an attack which, due to its nature, is more complicated to identify and understand. The presentation will draw together the techniques used in investigating a data compromise and create an attack which is designed to completely compromise the web server while leaving the least amount of evidence on the system.<br />
<br />
Incident readiness specialists can often recommend that verbose logging is put in place. Logging such as full http request and response logging fits the bill for the investigator but by their nature these logs have serious drawbacks for the day to day management of the server; large storage requirements, incidental storage of sensitive data and performance issues are common problems.<br />
<br />
We suggest a new approach, restricting access or logging anomalies at the framework level. By blending the information gained at the framework level with automated application profiling techniques we can create heavily targeted logs bespoke to the specific application. This can be implemented for all applications regardless of whether source code is available. This method gives us the best chance of keeping logging to an absolute minimum whilst ensuring that techniques used to minimise forensic evidence left by an attack are unsuccessful.<br />
<br />
'''Ian Williams''' will be giving his first ever public talk (be gentle!) on how to get into web application security from a learners perspective. Ian will be looking at the Damn Vulnerable Web Application and how it can be used to learn web application security.<br />
There are plenty of books out there on web app security, SQLi and XSS. Reading about them is one thing, but if you are really going to understand how they work you've got to get your hands dirty. We will be looking at one environment in which you can practice what you've read about without fear of getting sue'd, but still getting some exposure to some of the techniques that are used to try any mitigate the attacks you are doing.<br />
<br />
'''Uzi Yair''', the cofounder and CEO of GTB Technologies, will be giving a talk on DLP. The talk will cover the mitigation of data loss prevention together with the web application security – threats, problems, needs and trends<br />
Why is Data Loss Prevention important for web application security experts ? According to a Gartner CISO survey, Data Loss Prevention (DLP) is the biggest priority for 2012. Data Loss Prevention (DLP) is typically defined as any solution or process that identifies confidential data, tracks that data as it moves through and out of enterprise and prevents unauthorized disclosure of data by creating and enforcing disclosure policies. Since confidential data can reside on a variety of computing devices (physical servers, virtual servers, databases, file servers, PCs, point-of-sale devices, flash drives and mobile devices) and move through a variety of network access points (wireline, wireless, VPNs, etc.) there are a variety of solutions that are tackling the problem of data loss, data recovery and data leaks. As the number of Internet-connected devices skyrockets into the billions, Data Loss Prevention is an increasingly important part of any organization’s ability to manage and protect critical and confidential information.<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
Thomas Mackenzie is an Application Security Consultant for SpiderLabs in Europe, the Middle East and Africa. SpiderLabs is the global advanced security services team within Trustwave responsible for:<br />
<br />
* Security Analysis and Testing<br />
* Incident Response and Investigation<br />
* Research & Development<br />
<br />
Thomas has been asked to present technical talks at a number of international events including, DeepSec, Bsides Chicago and BlackHat Abu Dhabi. Thomas also speaks at a number of domestic venues including; OWASP events across the UK, PHP London, Marketing Event around WordPress, DC4420 and guest lecturing on application security and vulnerability management at a number of UK universities.<br />
Thomas is the founder of upSploit Advisory Management, an automated disclosure system that helps security researchers and vendors communicate vulnerability information quickly, easily and in an ethical manner. <br />
<br />
Previously to Trustwave Thomas worked for security boutique in the North of England, where he worked as a security engineer in the web application security testing team. Before completing his move to SpiderLabs, he contracted for a number of companies providing consulting services in the area of web application security.<br />
<br />
Thomas has founded a number of vulnerabilities in well known software i.e. Wordpress and a highly downloaded iPhone App.<br />
<br />
Ian Williams is an Information Security Analyst for RWE IT UK, the IT provider for RWEnpower and one of the largest utilities in the UK. Ian is rather new to the security field having moved into it from a career in Wintel server support and software packaging and distribution.<br />
Always being one to have a tinker with things security had become a natural fit with Ian obtaining GIAC certifications GCIH, GAWN and GPEN in the 5 years since he started in the industry.<br />
Ian is a passionate supporter of the UK information security community and is working to pay back all of the support he has gained in the last 5 years by organising local security meetings such as OWASP and 2600 and speaking as a new commer to the industry, in the hope it will encourage more of the IT tinkerers to come over to the dark side!<br />
<br />
Uzi Yair is the cofounder and CEO of GTB Technologies, is a leader and expert in the data leak prevention marketplace. Uzi leads the development of GTB's game changing technology; a technology which has solved the known DLP market limitation of false positive rates.<br />
<br />
'''December 2011'''<br />
<br />
We have to supply KPMG a list of attendees 24 hours before the meeting. If all tickets are gone please request to go on the standby list<br />
<br />
'''Location:''' KPMG Offices Birmingham <br />
<br />
One Snowhill <br />
<br />
Snow Hill Queensway <br />
<br />
Birmingham <br />
<br />
West Midlands<br />
<br />
B4 6GH <br />
<br />
Massive thanks to [http://www.kpmg.com/UK/en/WhatWeDo/Advisory/risk-consulting/services/tech-risk/Pages/InformationProtectionBusinessResilience.aspx KPMG] who again are supporting OWASP and giving something back to the community. <br />
<br />
<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Birmingham Chapter Leader<br />
<br />
<br />
<br />
'''18:30 - 19:10''' <br />
<br />
'''Talk 1''' ''Agnitio: the security code review Swiss army knife'' <br />
<br />
Teaching developers to write secure code, helping security professionals find security flaws in source code, producing application security metrics and reports with integrity checks and audit trails. If you want to implement an SDLC that produces secure software with the audit trails and reports frequently demanded by auditors and management you need to acknowledge that these are key constituents and implement them in a form that is both easy to understand and use.<br />
<br />
This is far easier to talk about than it is to implement in the real world where well structured SDLC’s are rare and application security programmes are usually under funded. Working with developers, security professionals and management to cultivate an environment where secure code is written and flaws found consistently requires both time and money. The same can be said for producing informative reports and metrics when all of your security code review data resides in notepad, Word and Excel files. With these problems in mind I developed Agnitio to be my security code review Swiss army knife and released it as a free tool in late 2010.<br />
<br />
In this demonstration filled talk I will show how Agnitio can be used to addresses repeatability, integrity and audit trail concerns by requiring the creation of application profiles, the use of a security code review checklist consisting of over 80 application security questions and mandatory integrity checks for reviews and reports created using the tool. I will demonstrate how the inbuilt secure coding and security code review guidance modules allow developers and security professionals to access the information they need precisely when they need it. I will also show how Agnitio automatically creates metrics and reports bringing much needed visibility to the security code review process with no extra effort required from the reviewer, developers or management.<br />
<br />
Agnitio v2.1 will be demonstrated during this talk which will show how Agnitio’s already powerful feature set has been expanded to guidance and questions linked to the OWASP top 10 mobile risks as well as the ability to decompile and analyse Android applications.<br />
<br />
'''Speaker''''' David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
'''19:30 - 20:10'''<br />
<br />
'''Talk 2:''' ''Mobile Security - The Tune is Different, The Dance is the Same''<br />
<br />
Paco Hope will discuss what is fundamentally new about mobile applications, and what is fundamentally not new with respect to securing them. Looking at how the platforms work, their respective app stores, and the role of carriers and their security, we will understand four golden rules to ensuring secure use and development of mobile apps. Whether we are the app developer, security professional, or just someone trying to use their mobile securely, these four rules are important to know.<br />
<br />
'''Speaker''' Paco Hope, Principal Consultant, Cigital <br />
<br />
<br />
'''20:20 -21-00'''<br />
<br />
'''Talk 3:''' ''Mobile Application Security''<br />
<br />
This talk will start by taking a look at the mobile applosion that we have all witnessed since the Apple App Store was launched on the 11th July 2008. Mobile users have downloaded over 25 billion mobile apps since that day which is roughly 14,000 apps for every minute since Apple launched the App Store. Those kinds of numbers make it clear that mobile apps are big business and that we need to quickly understand how to secure these applications.<br />
<br />
I will show how mobile manufacturers and network operators are now a big part of your threat models and how their approach to security could undermine your application security efforts.<br />
<br />
The final part of the talk will focus on Android and iOS applications. I will give an overview of each platform as well guidance on how you should approach security code reviews for Android and iOS applications.<br />
<br />
'''Speaker''' ''David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
'''David Rook''' is the Application Security Lead at Realex Payments in Dublin. He is a contributor to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON, BlackHat USA and RSA Europe. In addition to his work with OWASP David created a security resource website and blog called Security Ninja (http://www.securityninja.co.uk).<br />
<br />
In 2010 the Security Ninja blog was nominated for five awards including the best technology blog at the Irish Blog Awards, the Computer Weekly IT Security blog award and was a finalist for the Irish Web Awards Best Technology Site. In 2011 David received a Developer Security MVP award from Microsoft. David has recently become one of the first mentors in the Information Security Mentors project helping young people progress their information security careers.<br />
<br />
<br />
'''Paco Hope''' is a Principal Consultant with Cigital, Inc. and has 12 years of experience in mobile security, embedded security, web software security and operating system security. He has led numerous engagements assessing source code and implementations of mobile phones, lottery systems, casino gaming devices, smart cards and web applications. He is the co-author of The Web Security Testing Cookbook and Mastering FreeBSD and OpenBSD Security. Mr. Hope also serves on the Application Security Advisory Board of (ISC)2, acting as a subject matter expert for the Certified Information Systems Security Professional (CISSP) and the Certified Secure Software Lifecycle Professional (CSSLP).<br />
<br />
<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Birmingham&diff=130223Birmingham2012-05-21T16:31:13Z<p>Owaspleeds: /* Chapter News */</p>
<hr />
<div>{{Chapter Template|chaptername=Birmingham, UK|extra=Details of your our Chapter Leaders are here [[Birmingham_Chapter_Leaders]] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-birmingham|emailarchives=http://lists.owasp.org/pipermail/owasp-birmingham}}<br />
If you would like to submit a talk then please [https://docs.google.com/a/fishermansenemy.com/spreadsheet/viewform?formkey=dEtraldFSkh4YWxPWkxwdVFfcGNGRHc6MQ#gid=0 fill in this form]<br />
<br />
OWASP is a charitable organisation. Our chapter meetings are free to attend but there are always costs associated with running them. Any amount of donation is appreciated and will be used entirely to enhance the chapter meetings: <paypal>Birmingham UK</paypal><br />
<br />
== Sponsors ==<br />
<br />
Many thanks to our first silver sponsor, [https://www.hedgehogsecurity.co.uk/ Hedgehog Security]<br />
<br />
[[File:Hedgehogsec.jpg|200px|thumb|left]]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
== Chapter News ==<br />
<br />
'''Planned Chapter Meetings'''<br />
<br />
June 6th 2012 Venue:ICC<br />
<br />
September 2012 Venue:TBC<br />
<br />
December 2012 Venue:TBC<br />
<br />
http://www.test.com<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 6th June :::<br />
<br />
'''Location:''' <br />
ICC<br />
Broad Street<br />
Birmingham<br />
B1 2AA<br />
<br />
'''Tickets'''<br />
<br />
Sign up for your free tickets at [http://owaspbrum.eventbrite.co.uk/ Eventbrite]<br />
<br />
'''Confirmed Talks'''<br />
<br />
'''Jason Alexander''' <br />
In this presentaion Jason will show how the free and open resources of OWASP (Open Web Application Security Project) can be utilised to initially measure the current status and maturity of security within your software development life cycle and then drive improvements at every stage. From setting security requirements and implementing standards to developer training, software testing and all importantly measuring results.<br />
<br />
'''Peter Bassill'''<br />
In this presentation Peter will detail the Apache mod_security module. Mod_security is a powerful addition to the Apache web server that will allow you to add an extra layer to your web applications defence in depth strategy as well as allowing some very handy tricks including virtual patching. <br />
<br />
== Past Events ==<br />
'''Date:''' Friday 23rd March ::: <br />
<br />
'''Location:''' Service Birmingham Offices<br />
<br />
B1 Building <br />
<br />
50 Summerhill Road<br />
<br />
B1 3RB Birmingham<br />
<br />
'''Talks'''<br />
<br />
'''Tom MacKenzie''' will be reprising the talk he gave at Black Hat Abu Dhabi.<br />
<br />
Meticulous attackers can subvert audit controls to the point where a compromise is almost undetectable. We look at the tools and techniques which can be used by attackers to minimise evidence left behind and propose a novel strategy for managing this issue.<br />
<br />
Fully identifying the method and impact of a data compromise is heavily reliant on the forensic information available to investigators. Commonly this is dependent on having logs for the compromised period. However, in the cases where an attacker has taken steps to reduce their footprint on the system, investigations can be more challenging.<br />
<br />
We explore the various evidential sources which are commonly used to identify the extent and method of a web application compromise. We then discuss an attack which, due to its nature, is more complicated to identify and understand. The presentation will draw together the techniques used in investigating a data compromise and create an attack which is designed to completely compromise the web server while leaving the least amount of evidence on the system.<br />
<br />
Incident readiness specialists can often recommend that verbose logging is put in place. Logging such as full http request and response logging fits the bill for the investigator but by their nature these logs have serious drawbacks for the day to day management of the server; large storage requirements, incidental storage of sensitive data and performance issues are common problems.<br />
<br />
We suggest a new approach, restricting access or logging anomalies at the framework level. By blending the information gained at the framework level with automated application profiling techniques we can create heavily targeted logs bespoke to the specific application. This can be implemented for all applications regardless of whether source code is available. This method gives us the best chance of keeping logging to an absolute minimum whilst ensuring that techniques used to minimise forensic evidence left by an attack are unsuccessful.<br />
<br />
'''Ian Williams''' will be giving his first ever public talk (be gentle!) on how to get into web application security from a learners perspective. Ian will be looking at the Damn Vulnerable Web Application and how it can be used to learn web application security.<br />
There are plenty of books out there on web app security, SQLi and XSS. Reading about them is one thing, but if you are really going to understand how they work you've got to get your hands dirty. We will be looking at one environment in which you can practice what you've read about without fear of getting sue'd, but still getting some exposure to some of the techniques that are used to try any mitigate the attacks you are doing.<br />
<br />
'''Uzi Yair''', the cofounder and CEO of GTB Technologies, will be giving a talk on DLP. The talk will cover the mitigation of data loss prevention together with the web application security – threats, problems, needs and trends<br />
Why is Data Loss Prevention important for web application security experts ? According to a Gartner CISO survey, Data Loss Prevention (DLP) is the biggest priority for 2012. Data Loss Prevention (DLP) is typically defined as any solution or process that identifies confidential data, tracks that data as it moves through and out of enterprise and prevents unauthorized disclosure of data by creating and enforcing disclosure policies. Since confidential data can reside on a variety of computing devices (physical servers, virtual servers, databases, file servers, PCs, point-of-sale devices, flash drives and mobile devices) and move through a variety of network access points (wireline, wireless, VPNs, etc.) there are a variety of solutions that are tackling the problem of data loss, data recovery and data leaks. As the number of Internet-connected devices skyrockets into the billions, Data Loss Prevention is an increasingly important part of any organization’s ability to manage and protect critical and confidential information.<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
Thomas Mackenzie is an Application Security Consultant for SpiderLabs in Europe, the Middle East and Africa. SpiderLabs is the global advanced security services team within Trustwave responsible for:<br />
<br />
* Security Analysis and Testing<br />
* Incident Response and Investigation<br />
* Research & Development<br />
<br />
Thomas has been asked to present technical talks at a number of international events including, DeepSec, Bsides Chicago and BlackHat Abu Dhabi. Thomas also speaks at a number of domestic venues including; OWASP events across the UK, PHP London, Marketing Event around WordPress, DC4420 and guest lecturing on application security and vulnerability management at a number of UK universities.<br />
Thomas is the founder of upSploit Advisory Management, an automated disclosure system that helps security researchers and vendors communicate vulnerability information quickly, easily and in an ethical manner. <br />
<br />
Previously to Trustwave Thomas worked for security boutique in the North of England, where he worked as a security engineer in the web application security testing team. Before completing his move to SpiderLabs, he contracted for a number of companies providing consulting services in the area of web application security.<br />
<br />
Thomas has founded a number of vulnerabilities in well known software i.e. Wordpress and a highly downloaded iPhone App.<br />
<br />
Ian Williams is an Information Security Analyst for RWE IT UK, the IT provider for RWEnpower and one of the largest utilities in the UK. Ian is rather new to the security field having moved into it from a career in Wintel server support and software packaging and distribution.<br />
Always being one to have a tinker with things security had become a natural fit with Ian obtaining GIAC certifications GCIH, GAWN and GPEN in the 5 years since he started in the industry.<br />
Ian is a passionate supporter of the UK information security community and is working to pay back all of the support he has gained in the last 5 years by organising local security meetings such as OWASP and 2600 and speaking as a new commer to the industry, in the hope it will encourage more of the IT tinkerers to come over to the dark side!<br />
<br />
Uzi Yair is the cofounder and CEO of GTB Technologies, is a leader and expert in the data leak prevention marketplace. Uzi leads the development of GTB's game changing technology; a technology which has solved the known DLP market limitation of false positive rates.<br />
<br />
'''December 2011'''<br />
<br />
We have to supply KPMG a list of attendees 24 hours before the meeting. If all tickets are gone please request to go on the standby list<br />
<br />
'''Location:''' KPMG Offices Birmingham <br />
<br />
One Snowhill <br />
<br />
Snow Hill Queensway <br />
<br />
Birmingham <br />
<br />
West Midlands<br />
<br />
B4 6GH <br />
<br />
Massive thanks to [http://www.kpmg.com/UK/en/WhatWeDo/Advisory/risk-consulting/services/tech-risk/Pages/InformationProtectionBusinessResilience.aspx KPMG] who again are supporting OWASP and giving something back to the community. <br />
<br />
<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Birmingham Chapter Leader<br />
<br />
<br />
<br />
'''18:30 - 19:10''' <br />
<br />
'''Talk 1''' ''Agnitio: the security code review Swiss army knife'' <br />
<br />
Teaching developers to write secure code, helping security professionals find security flaws in source code, producing application security metrics and reports with integrity checks and audit trails. If you want to implement an SDLC that produces secure software with the audit trails and reports frequently demanded by auditors and management you need to acknowledge that these are key constituents and implement them in a form that is both easy to understand and use.<br />
<br />
This is far easier to talk about than it is to implement in the real world where well structured SDLC’s are rare and application security programmes are usually under funded. Working with developers, security professionals and management to cultivate an environment where secure code is written and flaws found consistently requires both time and money. The same can be said for producing informative reports and metrics when all of your security code review data resides in notepad, Word and Excel files. With these problems in mind I developed Agnitio to be my security code review Swiss army knife and released it as a free tool in late 2010.<br />
<br />
In this demonstration filled talk I will show how Agnitio can be used to addresses repeatability, integrity and audit trail concerns by requiring the creation of application profiles, the use of a security code review checklist consisting of over 80 application security questions and mandatory integrity checks for reviews and reports created using the tool. I will demonstrate how the inbuilt secure coding and security code review guidance modules allow developers and security professionals to access the information they need precisely when they need it. I will also show how Agnitio automatically creates metrics and reports bringing much needed visibility to the security code review process with no extra effort required from the reviewer, developers or management.<br />
<br />
Agnitio v2.1 will be demonstrated during this talk which will show how Agnitio’s already powerful feature set has been expanded to guidance and questions linked to the OWASP top 10 mobile risks as well as the ability to decompile and analyse Android applications.<br />
<br />
'''Speaker''''' David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
'''19:30 - 20:10'''<br />
<br />
'''Talk 2:''' ''Mobile Security - The Tune is Different, The Dance is the Same''<br />
<br />
Paco Hope will discuss what is fundamentally new about mobile applications, and what is fundamentally not new with respect to securing them. Looking at how the platforms work, their respective app stores, and the role of carriers and their security, we will understand four golden rules to ensuring secure use and development of mobile apps. Whether we are the app developer, security professional, or just someone trying to use their mobile securely, these four rules are important to know.<br />
<br />
'''Speaker''' Paco Hope, Principal Consultant, Cigital <br />
<br />
<br />
'''20:20 -21-00'''<br />
<br />
'''Talk 3:''' ''Mobile Application Security''<br />
<br />
This talk will start by taking a look at the mobile applosion that we have all witnessed since the Apple App Store was launched on the 11th July 2008. Mobile users have downloaded over 25 billion mobile apps since that day which is roughly 14,000 apps for every minute since Apple launched the App Store. Those kinds of numbers make it clear that mobile apps are big business and that we need to quickly understand how to secure these applications.<br />
<br />
I will show how mobile manufacturers and network operators are now a big part of your threat models and how their approach to security could undermine your application security efforts.<br />
<br />
The final part of the talk will focus on Android and iOS applications. I will give an overview of each platform as well guidance on how you should approach security code reviews for Android and iOS applications.<br />
<br />
'''Speaker''' ''David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
'''David Rook''' is the Application Security Lead at Realex Payments in Dublin. He is a contributor to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON, BlackHat USA and RSA Europe. In addition to his work with OWASP David created a security resource website and blog called Security Ninja (http://www.securityninja.co.uk).<br />
<br />
In 2010 the Security Ninja blog was nominated for five awards including the best technology blog at the Irish Blog Awards, the Computer Weekly IT Security blog award and was a finalist for the Irish Web Awards Best Technology Site. In 2011 David received a Developer Security MVP award from Microsoft. David has recently become one of the first mentors in the Information Security Mentors project helping young people progress their information security careers.<br />
<br />
<br />
'''Paco Hope''' is a Principal Consultant with Cigital, Inc. and has 12 years of experience in mobile security, embedded security, web software security and operating system security. He has led numerous engagements assessing source code and implementations of mobile phones, lottery systems, casino gaming devices, smart cards and web applications. He is the co-author of The Web Security Testing Cookbook and Mastering FreeBSD and OpenBSD Security. Mr. Hope also serves on the Application Security Advisory Board of (ISC)2, acting as a subject matter expert for the Certified Information Systems Security Professional (CISSP) and the Certified Secure Software Lifecycle Professional (CSSLP).<br />
<br />
<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Bristol&diff=130202Bristol2012-05-21T15:18:30Z<p>Owaspleeds: /* Chapter Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Bristol, UK|extra=Details of the chapter leaders are here [[Bristol_Chapter_Leaders]].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bristol|emailarchives=http://lists.owasp.org/pipermail/owasp-bristol}}<br />
<br />
== Chapter Meetings ==<br />
<br />
The first ever Bristol chapter meeting will be held on the 18th July. Kindly hosted by KPMG.<br />
<br />
Please get in touch if you wish to speak or sponsor!<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Bristol&diff=130201Bristol2012-05-21T15:17:26Z<p>Owaspleeds: </p>
<hr />
<div>{{Chapter Template|chaptername=Bristol, UK|extra=Details of the chapter leaders are here [[Bristol_Chapter_Leaders]].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bristol|emailarchives=http://lists.owasp.org/pipermail/owasp-bristol}}<br />
<br />
== Chapter Meetings ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Bristol_Chapter_Leaders&diff=130200Bristol Chapter Leaders2012-05-21T15:15:11Z<p>Owaspleeds: Created page with "Your Bristol Chapter leaders are: '''Jason Alexander''' Security Architect - KPMG Jason has over 12 years of information security experience. He has an avid interest in web ..."</p>
<hr />
<div>Your Bristol Chapter leaders are:<br />
<br />
'''Jason Alexander''' Security Architect - KPMG<br />
<br />
Jason has over 12 years of information security experience. He has an avid interest in web application security and especially web services security.<br />
<br />
[mailto:jason.alexander@owasp.org jason.alexander@owasp.org] Twitter @0wasp<br />
<br />
'''Andrew Allman''' Information Security Consultant -KPMG<br />
<br />
Andrew is an experienced Information Assurance consultant specialising in risk management, policy & procedures and operations. Andrew has 15 years’ experience of information assurance in ICT systems with in both the public and private sectors. <br />
<br />
'''Daniel O'Brien''' Information Security Consultant<br />
<br />
Dan has over 10 years experience of working in IT specifically within the financial services sector. Dan has had multiple roles within that time including systems analyst and security analyst. The OWASP Bristol chapter represents Dan's first official OWASP activity and is looking forward to learning about others' security experiences and sharing his own.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Bristol&diff=130197Bristol2012-05-21T15:01:55Z<p>Owaspleeds: </p>
<hr />
<div>{{Chapter Template|chaptername=Bristol, UK|extra=Details of the chapter leaders are here [[Bristol_Chapter_Leaders]].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bristol|emailarchives=http://lists.owasp.org/pipermail/owasp-bristol}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=130150Leeds UK chapter leaders2012-05-21T11:11:02Z<p>Owaspleeds: /* Chapter Board/Leaders */</p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Jason Alexander''' Application Security Specialist - KPMG<br />
<br />
Jason has over 10 years of information security experience. He has an avid interest in web application security and especially web services security.<br />
<br />
[mailto:jason.alexander@owasp.org jason.alexander@owasp.org] Twitter @0wasp<br />
<br />
'''Martin Law''' Director - First Defence Information Security Limited<br />
<br />
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant - Activity Information Management LTD<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the amount of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=130149Leeds UK chapter leaders2012-05-21T11:04:20Z<p>Owaspleeds: /* Chapter Board/Leaders */</p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Jason Alexander''' Application Security Specialist - KPMG<br />
<br />
Jason has over 10 years of information security experience. He has an avid interest in web application security and especially web services security.<br />
<br />
[mailto:jason.alexander@owasp.org jason.alexander@owasp.org]<br />
<br />
'''Martin Law''' Director - First Defence Information Security Limited<br />
<br />
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant - Activity Information Management LTD<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the amount of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=130148Leeds UK chapter leaders2012-05-21T09:43:15Z<p>Owaspleeds: /* Chapter Board/Leaders */</p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Jason Alexander''' Application Security Specialist - KPMG<br />
<br />
Jason has over 10 years of information security experience. He has an avid interest in web application security and especially web services security.<br />
<br />
[mailto:jason.alexander@owasp.org jason.alexander@owasp.org]<br />
<br />
'''Nadim Nawaz''' SmoothWall Ltd<br />
<br />
Nadim is a Business Development Manager at SmoothWall Ltd. Nadim has over 8 years experience in the Internet Security Industry.<br />
<br />
'''Martin Law''' Director - First Defence Information Security Limited<br />
<br />
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant - Activity Information Management LTD<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
'''Neal Lewis''' Neal Lewis & Associates Ltd.<br />
<br />
Neal has twelve years of experience in the information security industry, now director of Neal Lewis & Associates Ltd. Providing infosec consultancy, secure network infrastructure and communications solutions.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the amount of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK_chapter_leaders&diff=129754Leeds UK chapter leaders2012-05-14T08:54:11Z<p>Owaspleeds: /* Chapter Board/Leaders */</p>
<hr />
<div>== Chapter Board/Leaders ==<br />
<br />
'''Jason Alexander''' Application Security Specialist - KPMG<br />
<br />
Jason has over 10 years of information security experience. He has an avid interest in web application security and especially web services security.<br />
<br />
[mailto:jason.alexander@owasp.org jason.alexander@owasp.org]<br />
<br />
'''Nadim Nawaz''' SmoothWall Ltd<br />
<br />
Nadim is a Business Development Manager at SmoothWall Ltd. Nadim has over 8 years experience in the Internet Security Industry.<br />
<br />
'''Martin Law''' Director - First Defence Information Security Limited<br />
<br />
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.<br />
<br />
'''Mike Woodhead''' Senior Security Consultant - Activity Information Management LTD<br />
<br />
Mike has over 10 years experience in the security industry, both as an e-commerce developer and penetration tester. While he has a well rounded skill set, he prefers the challenge associated with web application testing. <br />
He currently holds the Crest Certified Web Application Tester certification.<br />
<br />
We can all be contacted through [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
Please remember, there is no limit on the amount of chapter leaders. If you feel you can contribute to the success of the chapter then please volunteer.</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=129753Leeds UK2012-05-14T08:53:25Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
June 13th 2012 Venue:TBC<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds::: <br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' TBC<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=129752Leeds UK2012-05-14T08:53:06Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
June 13th 2012 Venue:TBC<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds::: <br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' TBC<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2012 Dates'''<br />
[[Leeds_UK/Feb_2012]]<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK/Feb_2012&diff=129751Leeds UK/Feb 20122012-05-14T08:51:57Z<p>Owaspleeds: Created page with "This event is being kindly sponsored by RandomStorm [1] Schedule: 18:15 for 18:30 start 18:30-18:45 OWASP Chapter introduction. OWASP values and membership. Chapter informatio..."</p>
<hr />
<div>This event is being kindly sponsored by RandomStorm [1]<br />
Schedule: 18:15 for 18:30 start<br />
18:30-18:45<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
OWASP Leeds board member<br />
18:45-19:45<br />
Identity and Accountability in the Database - Pete Finnigan,<br />
Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com<br />
<br />
19:45-20:45<br />
The perils of auto-configuring IP webcams - Robin Wood aka DigiNinja<br />
I recently purchased an IP based webcam to monitor my daughter at night. Obviously with such precious data coming from it I couldnt just plug it in and let it go so I audited it first, these are my very worrying findings.<br />
Robins commercial background is as a software developer but he's always had an interest in security and from around 2005 Robin has been moving away from general software development and more into security related areas. Robin now works for RandomStorm, a penetration testing company based near Leeds, as Senior Security Engineer running the penetration testing team and developing new projects and tools.<br />
20:45-close<br />
General networking and drinks from our sponsors !!!</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=129750Leeds UK2012-05-14T08:51:03Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
June 13th 2012 Venue:TBC<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 13th June Leeds::: <br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' TBC<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
<br />
'''20:45-close'''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=129749Leeds UK2012-05-14T08:48:40Z<p>Owaspleeds: /* Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
June 13th 2012 Venue:TBC<br />
<br />
September 2012<br />
<br />
December 2012<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd February Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2905413169 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' NTI Leeds, Leeds Metropolitan University, Old Broadcasting House, 148 Woodhouse Lane, Leeds LS2 9EN - Many thanks to Leeds Met for hosting our event!!<br />
<br />
This event is being kindly sponsored by RandomStorm [http://www.randomstorm.com/]<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
'''Identity and Accountability in the Database''' - Pete Finnigan, <br />
<br />
Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
'''The perils of auto-configuring IP webcams''' - Robin Wood aka DigiNinja<br />
<br />
I recently purchased an IP based webcam to monitor my daughter at night. Obviously with such precious data coming from it I couldnt just plug it in and let it go so I audited it first, these are my very worrying findings.<br />
<br />
Robins commercial background is as a software developer but he's always had an interest in security and from around 2005 Robin has been moving away from general software development and more into security related areas. Robin now works for RandomStorm, a penetration testing company based near Leeds, as Senior Security Engineer running the penetration testing team and developing new projects and tools.<br />
<br />
'''20:45-close'''<br />
<br />
General networking and drinks from our sponsors !!!<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Birmingham&diff=126627Birmingham2012-03-20T19:17:21Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Birmingham, UK|extra=Details of your our Chapter Leaders are here [[Birmingham_Chapter_Leaders]] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-birmingham|emailarchives=http://lists.owasp.org/pipermail/owasp-birmingham}}<br />
<br />
<br />
OWASP is a charitable organisation. Our chapter meetings are free to attend but there are always costs associated with running them. Any amount of donation is appreciated and will be used entirely to enhance the chapter meetings: <paypal>Birmingham UK</paypal><br />
<br />
== Sponsors ==<br />
<br />
Many thanks to our first silver sponsor, [https://www.hedgehogsecurity.co.uk/ Hedgehog Security]<br />
<br />
[[File:Hedgehogsec.jpg|200px|thumb|left]]<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
== Chapter News ==<br />
<br />
'''Planned Chapter Meetings'''<br />
<br />
March 23rd 2012 Venue: Service Birmingham<br />
<br />
June2012 Venue:TBC<br />
<br />
September 2012 Venue:TBC<br />
<br />
December 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Friday 23rd March ::: Please RSVP via '''[http://owaspbirmingham.eventbrite.co.uk eventbrite]''' You must register prior to the event.<br />
<br />
'''Location:''' Service Birmingham Offices<br />
<br />
B1 Building <br />
<br />
50 Summerhill Road<br />
<br />
B1 3RB Birmingham<br />
<br />
'''Talks'''<br />
<br />
'''Tom MacKenzie''' will be reprising the talk he gave at Black Hat Abu Dhabi.<br />
<br />
Meticulous attackers can subvert audit controls to the point where a compromise is almost undetectable. We look at the tools and techniques which can be used by attackers to minimise evidence left behind and propose a novel strategy for managing this issue.<br />
<br />
Fully identifying the method and impact of a data compromise is heavily reliant on the forensic information available to investigators. Commonly this is dependent on having logs for the compromised period. However, in the cases where an attacker has taken steps to reduce their footprint on the system, investigations can be more challenging.<br />
<br />
We explore the various evidential sources which are commonly used to identify the extent and method of a web application compromise. We then discuss an attack which, due to its nature, is more complicated to identify and understand. The presentation will draw together the techniques used in investigating a data compromise and create an attack which is designed to completely compromise the web server while leaving the least amount of evidence on the system.<br />
<br />
Incident readiness specialists can often recommend that verbose logging is put in place. Logging such as full http request and response logging fits the bill for the investigator but by their nature these logs have serious drawbacks for the day to day management of the server; large storage requirements, incidental storage of sensitive data and performance issues are common problems.<br />
<br />
We suggest a new approach, restricting access or logging anomalies at the framework level. By blending the information gained at the framework level with automated application profiling techniques we can create heavily targeted logs bespoke to the specific application. This can be implemented for all applications regardless of whether source code is available. This method gives us the best chance of keeping logging to an absolute minimum whilst ensuring that techniques used to minimise forensic evidence left by an attack are unsuccessful.<br />
<br />
'''Ian Williams''' will be giving his first ever public talk (be gentle!) on how to get into web application security from a learners perspective. Ian will be looking at the Damn Vulnerable Web Application and how it can be used to learn web application security.<br />
There are plenty of books out there on web app security, SQLi and XSS. Reading about them is one thing, but if you are really going to understand how they work you've got to get your hands dirty. We will be looking at one environment in which you can practice what you've read about without fear of getting sue'd, but still getting some exposure to some of the techniques that are used to try any mitigate the attacks you are doing.<br />
<br />
'''Uzi Yair''', the cofounder and CEO of GTB Technologies, will be giving a talk on DLP. The talk will cover the mitigation of data loss prevention together with the web application security – threats, problems, needs and trends<br />
Why is Data Loss Prevention important for web application security experts ? According to a Gartner CISO survey, Data Loss Prevention (DLP) is the biggest priority for 2012. Data Loss Prevention (DLP) is typically defined as any solution or process that identifies confidential data, tracks that data as it moves through and out of enterprise and prevents unauthorized disclosure of data by creating and enforcing disclosure policies. Since confidential data can reside on a variety of computing devices (physical servers, virtual servers, databases, file servers, PCs, point-of-sale devices, flash drives and mobile devices) and move through a variety of network access points (wireline, wireless, VPNs, etc.) there are a variety of solutions that are tackling the problem of data loss, data recovery and data leaks. As the number of Internet-connected devices skyrockets into the billions, Data Loss Prevention is an increasingly important part of any organization’s ability to manage and protect critical and confidential information.<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
Thomas Mackenzie is an Application Security Consultant for SpiderLabs in Europe, the Middle East and Africa. SpiderLabs is the global advanced security services team within Trustwave responsible for:<br />
<br />
* Security Analysis and Testing<br />
* Incident Response and Investigation<br />
* Research & Development<br />
<br />
Thomas has been asked to present technical talks at a number of international events including, DeepSec, Bsides Chicago and BlackHat Abu Dhabi. Thomas also speaks at a number of domestic venues including; OWASP events across the UK, PHP London, Marketing Event around WordPress, DC4420 and guest lecturing on application security and vulnerability management at a number of UK universities.<br />
Thomas is the founder of upSploit Advisory Management, an automated disclosure system that helps security researchers and vendors communicate vulnerability information quickly, easily and in an ethical manner. <br />
<br />
Previously to Trustwave Thomas worked for security boutique in the North of England, where he worked as a security engineer in the web application security testing team. Before completing his move to SpiderLabs, he contracted for a number of companies providing consulting services in the area of web application security.<br />
<br />
Thomas has founded a number of vulnerabilities in well known software i.e. Wordpress and a highly downloaded iPhone App.<br />
<br />
Ian Williams is an Information Security Analyst for RWE IT UK, the IT provider for RWEnpower and one of the largest utilities in the UK. Ian is rather new to the security field having moved into it from a career in Wintel server support and software packaging and distribution.<br />
Always being one to have a tinker with things security had become a natural fit with Ian obtaining GIAC certifications GCIH, GAWN and GPEN in the 5 years since he started in the industry.<br />
Ian is a passionate supporter of the UK information security community and is working to pay back all of the support he has gained in the last 5 years by organising local security meetings such as OWASP and 2600 and speaking as a new commer to the industry, in the hope it will encourage more of the IT tinkerers to come over to the dark side!<br />
<br />
Uzi Yair is the cofounder and CEO of GTB Technologies, is a leader and expert in the data leak prevention marketplace. Uzi leads the development of GTB's game changing technology; a technology which has solved the known DLP market limitation of false positive rates.<br />
<br />
== Past Events ==<br />
We have to supply KPMG a list of attendees 24 hours before the meeting. If all tickets are gone please request to go on the standby list<br />
<br />
'''Location:''' KPMG Offices Birmingham <br />
<br />
One Snowhill <br />
<br />
Snow Hill Queensway <br />
<br />
Birmingham <br />
<br />
West Midlands<br />
<br />
B4 6GH <br />
<br />
Massive thanks to [http://www.kpmg.com/UK/en/WhatWeDo/Advisory/risk-consulting/services/tech-risk/Pages/InformationProtectionBusinessResilience.aspx KPMG] who again are supporting OWASP and giving something back to the community. <br />
<br />
<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Birmingham Chapter Leader<br />
<br />
<br />
<br />
'''18:30 - 19:10''' <br />
<br />
'''Talk 1''' ''Agnitio: the security code review Swiss army knife'' <br />
<br />
Teaching developers to write secure code, helping security professionals find security flaws in source code, producing application security metrics and reports with integrity checks and audit trails. If you want to implement an SDLC that produces secure software with the audit trails and reports frequently demanded by auditors and management you need to acknowledge that these are key constituents and implement them in a form that is both easy to understand and use.<br />
<br />
This is far easier to talk about than it is to implement in the real world where well structured SDLC’s are rare and application security programmes are usually under funded. Working with developers, security professionals and management to cultivate an environment where secure code is written and flaws found consistently requires both time and money. The same can be said for producing informative reports and metrics when all of your security code review data resides in notepad, Word and Excel files. With these problems in mind I developed Agnitio to be my security code review Swiss army knife and released it as a free tool in late 2010.<br />
<br />
In this demonstration filled talk I will show how Agnitio can be used to addresses repeatability, integrity and audit trail concerns by requiring the creation of application profiles, the use of a security code review checklist consisting of over 80 application security questions and mandatory integrity checks for reviews and reports created using the tool. I will demonstrate how the inbuilt secure coding and security code review guidance modules allow developers and security professionals to access the information they need precisely when they need it. I will also show how Agnitio automatically creates metrics and reports bringing much needed visibility to the security code review process with no extra effort required from the reviewer, developers or management.<br />
<br />
Agnitio v2.1 will be demonstrated during this talk which will show how Agnitio’s already powerful feature set has been expanded to guidance and questions linked to the OWASP top 10 mobile risks as well as the ability to decompile and analyse Android applications.<br />
<br />
'''Speaker''''' David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
'''19:30 - 20:10'''<br />
<br />
'''Talk 2:''' ''Mobile Security - The Tune is Different, The Dance is the Same''<br />
<br />
Paco Hope will discuss what is fundamentally new about mobile applications, and what is fundamentally not new with respect to securing them. Looking at how the platforms work, their respective app stores, and the role of carriers and their security, we will understand four golden rules to ensuring secure use and development of mobile apps. Whether we are the app developer, security professional, or just someone trying to use their mobile securely, these four rules are important to know.<br />
<br />
'''Speaker''' Paco Hope, Principal Consultant, Cigital <br />
<br />
<br />
'''20:20 -21-00'''<br />
<br />
'''Talk 3:''' ''Mobile Application Security''<br />
<br />
This talk will start by taking a look at the mobile applosion that we have all witnessed since the Apple App Store was launched on the 11th July 2008. Mobile users have downloaded over 25 billion mobile apps since that day which is roughly 14,000 apps for every minute since Apple launched the App Store. Those kinds of numbers make it clear that mobile apps are big business and that we need to quickly understand how to secure these applications.<br />
<br />
I will show how mobile manufacturers and network operators are now a big part of your threat models and how their approach to security could undermine your application security efforts.<br />
<br />
The final part of the talk will focus on Android and iOS applications. I will give an overview of each platform as well guidance on how you should approach security code reviews for Android and iOS applications.<br />
<br />
'''Speaker''' ''David Rook Application Security Lead - Realex Payments Ltd''<br />
<br />
<br />
<br />
'''Speaker Bio's'''<br />
<br />
'''David Rook''' is the Application Security Lead at Realex Payments in Dublin. He is a contributor to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON, BlackHat USA and RSA Europe. In addition to his work with OWASP David created a security resource website and blog called Security Ninja (http://www.securityninja.co.uk).<br />
<br />
In 2010 the Security Ninja blog was nominated for five awards including the best technology blog at the Irish Blog Awards, the Computer Weekly IT Security blog award and was a finalist for the Irish Web Awards Best Technology Site. In 2011 David received a Developer Security MVP award from Microsoft. David has recently become one of the first mentors in the Information Security Mentors project helping young people progress their information security careers.<br />
<br />
<br />
'''Paco Hope''' is a Principal Consultant with Cigital, Inc. and has 12 years of experience in mobile security, embedded security, web software security and operating system security. He has led numerous engagements assessing source code and implementations of mobile phones, lottery systems, casino gaming devices, smart cards and web applications. He is the co-author of The Web Security Testing Cookbook and Mastering FreeBSD and OpenBSD Security. Mr. Hope also serves on the Application Security Advisory Board of (ISC)2, acting as a subject matter expert for the Certified Information Systems Security Professional (CISSP) and the Certified Secure Software Lifecycle Professional (CSSLP).<br />
<br />
<br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:United Kingdom]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=UK&diff=125049UK2012-02-25T13:39:13Z<p>Owaspleeds: </p>
<hr />
<div>This is the landing page for the UK chapters. In the past few years we have grown from only one chapter to seven. This incedible growth is due to the fantastic efforts of those involved and the support we get from all OWASP chpater attendees. If you feel you can contribute to a chapter then please get in touch with the appropriate chapter leaders who will be more than happy to engage with you or your organisation.<br />
<br />
'''Upcoming Chapter Meetings'''<br />
<br />
''::Birmingham::''<br />
<br />
March 23rd<br />
<br />
<br />
''::Bristol::''<br />
<br />
<br />
''::Leeds::''<br />
<br />
<br />
''::London Royal Holloway::''<br />
<br />
March 8th<br />
<br />
<br />
''::London::''<br />
<br />
March 29th<br />
<br />
<br />
''::Manchester::''<br />
<br />
May 30th<br />
<br />
<br />
''::Newcastle::''<br />
<br />
<br />
''::Scotland::''<br />
<br />
<br />
----<br />
<br />
More details can be found on the specific chapter pages. Thes can be accessed by clicking on the below:<br />
<br />
[[Birmingham]]<br />
<br />
[[Bristol]] <br />
<br />
[[Leeds_UK]] <br />
<br />
[[London]] <br />
<br />
[[Royal_Holloway]] (London) <br />
<br />
[[Manchester]] <br />
<br />
[[Newcastle]] <br />
<br />
[[Scotland]] <br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=UK&diff=125048UK2012-02-25T13:38:14Z<p>Owaspleeds: </p>
<hr />
<div>This is the landing page for the UK chapters. In the past few years we have grown from only one chapter to seven. This incedible growth is due to the fantastic efforts of those involved and the support we get from all OWASP chpater attendees. If you feel you can contribute to a chapter then please get in touch with the appropriate chapter leaders who will be more than happy to engage with you or your organisation.<br />
<br />
'''Upcoming Chapter Meetings'''<br />
<br />
''::Birmingham::''<br />
<br />
March 23rd<br />
<br />
<br />
''::Bristol::''<br />
<br />
<br />
''::Leeds::''<br />
<br />
<br />
''::London Royal Holloway::''<br />
<br />
March 8th<br />
<br />
<br />
''::London::''<br />
<br />
March 29th<br />
<br />
<br />
''::Manchester::''<br />
<br />
May 30th<br />
<br />
<br />
''::Newcastle::''<br />
<br />
<br />
''::Scotland::''<br />
<br />
<br />
----<br />
<br />
More details can be found on the specific chapter pages. Thes can be accessed by clicking on the below:<br />
<br />
[[Birmingham]]<br />
<br />
[[Bristol]] <br />
<br />
[[Leeds_UK]] <br />
<br />
[[London]] <br />
<br />
[[Royal_Holloway]] <br />
<br />
[[Manchester]] <br />
<br />
[[Newcastle]] <br />
<br />
[[Scotland]] <br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=UK&diff=125047UK2012-02-25T13:36:44Z<p>Owaspleeds: Created page with "This is the landing page for the UK chapters. In the past few years we have grown from only one chapter to seven. This incedible growth is due to the fantastic efforts of thos..."</p>
<hr />
<div>This is the landing page for the UK chapters. In the past few years we have grown from only one chapter to seven. This incedible growth is due to the fantastic efforts of those involved and the support we get from all OWASP chpater attendees. If you feel you can contribute to a chapter then please get in touch with the appropriate chapter leaders who will be more than happy to engage with you or your organisation.<br />
<br />
'''Upcoming Chapter Meetings'''<br />
<br />
''::Birmingham::''<br />
<br />
March 23rd<br />
<br />
<br />
''::Bristol::''<br />
<br />
<br />
''::Leeds::''<br />
<br />
<br />
''::London::''<br />
<br />
March 8th<br />
<br />
March 29th<br />
<br />
<br />
''::Manchester::''<br />
<br />
May 30th<br />
<br />
<br />
''::Newcastle::''<br />
<br />
<br />
''::Scotland::''<br />
<br />
<br />
----<br />
<br />
More details can be found on the specific chapter pages. Thes can be accessed by clicking on the below:<br />
<br />
[[Birmingham]]<br />
<br />
[[Bristol]] <br />
<br />
[[Leeds_UK]] <br />
<br />
[[London]] <br />
<br />
[[Manchester]] <br />
<br />
[[Newcastle]] <br />
<br />
[[Scotland]] <br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=124189Leeds UK2012-02-14T14:18:55Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
May 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd February Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2905413169 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' NTI Leeds, Leeds Metropolitan University, Old Broadcasting House, 148 Woodhouse Lane, Leeds LS2 9EN - Many thanks to Leeds Met for hosting our event!!<br />
<br />
This event is being kindly sponsored by RandomStorm [http://www.randomstorm.com/]<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
'''Identity and Accountability in the Database''' - Pete Finnigan, <br />
<br />
Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
'''The perils of auto-configuring IP webcams''' - Robin Wood aka DigiNinja<br />
<br />
I recently purchased an IP based webcam to monitor my daughter at night. Obviously with such precious data coming from it I couldnt just plug it in and let it go so I audited it first, these are my very worrying findings.<br />
<br />
Robins commercial background is as a software developer but he's always had an interest in security and from around 2005 Robin has been moving away from general software development and more into security related areas. Robin now works for RandomStorm, a penetration testing company based near Leeds, as Senior Security Engineer running the penetration testing team and developing new projects and tools.<br />
<br />
'''20:45-close'''<br />
<br />
General networking and drinks from our sponsors !!!<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=123775Leeds UK2012-02-05T11:58:12Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
May 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd February Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2905413169 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' NTI Leeds, Leeds Metropolitan University, Old Broadcasting House, 148 Woodhouse Lane, Leeds LS2 9EN - Many thanks to Leeds Met for hosting our event!!<br />
<br />
This event is being kindly sponsored by RandomStorm [http://www.randomstorm.com/]<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
'''Identity and Accountability in the Database''' - Pete Finnigan, <br />
<br />
Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
'''Talk to be confirmed''' - Robin Wood aka DigiNinja<br />
<br />
Robins commercial background is as a software developer but he's always had an interest in security and from around 2005 Robin has been moving away from general software development and more into security related areas. Robin now works for RandomStorm, a penetration testing company based near Leeds, as Senior Security Engineer running the penetration testing team and developing new projects and tools.<br />
<br />
'''20:45-close'''<br />
<br />
General networking and drinks from our sponsors !!!<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=123774Leeds UK2012-02-05T11:55:42Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
May 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd February Leeds::: Please RSVP via '''[http://www.eventbr eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' NTI Leeds, Leeds Metropolitan University, Old Broadcasting House, 148 Woodhouse Lane, Leeds LS2 9EN - Many thanks to Leeds Met for hosting our event!!<br />
<br />
This event is being kindly sponsored by RandomStorm [http://www.randomstorm.com/]<br />
<br />
'''Schedule: 18:15 for 18:30 start'''<br />
<br />
'''18:30-18:45'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:45-19:45'''<br />
<br />
'''Identity and Accountability in the Database''' - Pete Finnigan, <br />
<br />
Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com<br />
<br />
<br />
'''19:45-20:45'''<br />
<br />
'''Talk to be confirmed''' - Robin Wood aka DigiNinja<br />
<br />
Robins commercial background is as a software developer but he's always had an interest in security and from around 2005 Robin has been moving away from general software development and more into security related areas. Robin now works for RandomStorm, a penetration testing company based near Leeds, as Senior Security Engineer running the penetration testing team and developing new projects and tools.<br />
<br />
'''20:45-close'''<br />
<br />
General networking and drinks from our sponsors !!!<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=123773Leeds UK2012-02-05T11:32:10Z<p>Owaspleeds: /* Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
May 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=123772Leeds UK2012-02-05T11:30:54Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
February 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[Leeds_UK/October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK/October_2011_Leeds&diff=123771Leeds UK/October 2011 Leeds2012-02-05T11:29:42Z<p>Owaspleeds: </p>
<hr />
<div>'''Date: Tuesday 25th October Leeds::: Please RSVP via eventbrite'''<br />
<br />
PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW<br />
'''Location: KPMG Offices Leeds'''<br />
<br />
Schedule: 18:00 for 18:20 start<br />
<br />
18:20-18:30<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader<br />
<br />
3rd talk TBC</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=123770Leeds UK2012-02-05T11:28:12Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
February 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[October_2011_Leeds]]<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK/October_2011_Leeds&diff=123769Leeds UK/October 2011 Leeds2012-02-05T11:27:05Z<p>Owaspleeds: Created page with "Date: Tuesday 25th October Leeds::: Please RSVP via eventbrite PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW Location: KPMG Offices Leeds Schedule: 18:00 for 18:20 start 18:2..."</p>
<hr />
<div>Date: Tuesday 25th October Leeds::: Please RSVP via eventbrite<br />
PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW<br />
Location: KPMG Offices Leeds<br />
Schedule: 18:00 for 18:20 start<br />
18:20-18:30<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
OWASP Leeds board member<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader<br />
3rd talk TBC</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=120063Leeds UK2011-11-14T09:32:25Z<p>Owaspleeds: /* 2011 Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== Planned Meetings ==<br />
<br />
January 18th 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=120062Leeds UK2011-11-14T09:32:11Z<p>Owaspleeds: /* 2011 Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
January 18th 2012 Venue:TBC<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=119499Leeds UK2011-10-24T14:27:35Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via '''[http://www.eventbrite.com/event/2353391056 eventbrite]'''<br />
<br />
'''PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW'''<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
AppSensor - Detect and Respond to Attacks from Within the Application<br />
<br />
''Colin Watson, project contributor, Codes of Conduct project leader and Industry Committee member''<br />
<br />
Zed Attack Proxy ZAP - An intercepting proxy aimed at people new to appsec as well as experienced pentesters<br />
<br />
''Simon Bennetts, ZAP project lead and OWASP Manchester chapter leader''<br />
<br />
3rd talk TBC<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=118767Leeds UK2011-10-09T12:02:49Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Tuesday 25th October Leeds::: Please RSVP via the eventbrite link TBA<br />
<br />
""PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW""<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
Appsensor -Detect and Respond to Attacks from Within the Application<br />
<br />
"Colin Watson, project leader"<br />
<br />
Zed Attack Proxy ZAP - A intercepting proxy aimed at developers<br />
<br />
"Simon Bennetts, lead developer and OWASP Manchester chapter leader"<br />
<br />
WPScan - A Wordpress vulnerability scanner<br />
<br />
''Ryan Dewhurst, Lead developer and creator''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=117994Leeds UK2011-09-26T11:55:39Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 26th October Leeds::: Please RSVP via the eventbrite link TBA<br />
<br />
""PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW""<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:30-19:00'''<br />
<br />
WPScan - A Wordpress vulnerability scanner<br />
<br />
''Ryan Dewhurst, Lead developer and creator''<br />
<br />
<br />
<br />
'''19:00 - 20:00'''<br />
<br />
OWASP ZAP - Zed Attack Proxy<br />
<br />
''Simon Bennet, Project Leader and Manchester OWASP chapter board member''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=117556Leeds UK2011-09-18T11:01:52Z<p>Owaspleeds: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 28th September Leeds::: Please RSVP via the eventbrite link TBA<br />
<br />
""PLEASE NOTE. MORE DETAILS ON TALKS WILL FOLLOW""<br />
<br />
'''Location:''' KPMG Offices Leeds<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:30-19:00'''<br />
<br />
WPScan - A Wordpress vulnerability scanner<br />
<br />
''Ryan Dewhurst, Lead developer and creator''<br />
<br />
<br />
<br />
'''19:00 - 20:00'''<br />
<br />
OWASP ZAP - Zed Attack Proxy<br />
<br />
''Simon Bennet, Project Leader and Manchester OWASP chapter board member''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=117555Leeds UK2011-09-18T10:58:20Z<p>Owaspleeds: /* 2011 Planned Meetings */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd June in Manchester::: Please RSVP via the eventbrite link http://t.co/Cx3w8d7<br />
<br />
'''Location:''' KPMG Offices Manchester<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:30-19:30'''<br />
<br />
Talk Title to follow<br />
<br />
''Rapid 7''<br />
<br />
<br />
<br />
'''19:30 - 20:30'''<br />
<br />
How to become Twitter's admin: An introduction to Modern Web Service Attacks<br />
<br />
''Andreas Falkenberg, RUB''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=117554Leeds UK2011-09-18T10:50:53Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
June 22nd Manchester<br />
<br />
September 21st Leeds<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd June in Manchester::: Please RSVP via the eventbrite link http://t.co/Cx3w8d7<br />
<br />
'''Location:''' KPMG Offices Manchester<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:30-19:30'''<br />
<br />
Talk Title to follow<br />
<br />
''Rapid 7''<br />
<br />
<br />
<br />
'''19:30 - 20:30'''<br />
<br />
How to become Twitter's admin: An introduction to Modern Web Service Attacks<br />
<br />
''Andreas Falkenberg, RUB''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
[[June_2011]]<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleedshttps://wiki.owasp.org/index.php?title=June_2011&diff=117553June 20112011-09-18T10:48:51Z<p>Owaspleeds: Created page with "Date: Wednesday 22nd June in Manchester::: Please RSVP via the eventbrite link http://t.co/Cx3w8d7 Location: KPMG Offices Manchester Schedule: 18:00 for 18:20 start 18:20-18:30 O..."</p>
<hr />
<div>Date: Wednesday 22nd June in Manchester::: Please RSVP via the eventbrite link http://t.co/Cx3w8d7<br />
Location: KPMG Offices Manchester<br />
Schedule: 18:00 for 18:20 start<br />
18:20-18:30<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
OWASP Leeds board member<br />
18:30-19:30<br />
Talk Title to follow<br />
Rapid 7<br />
<br />
19:30 - 20:30<br />
How to become Twitter's admin: An introduction to Modern Web Service Attacks<br />
Andreas Falkenberg, RUB</div>Owaspleedshttps://wiki.owasp.org/index.php?title=Leeds_UK&diff=117552Leeds UK2011-09-18T10:47:50Z<p>Owaspleeds: /* Past Events */</p>
<hr />
<div>{{Chapter Template|chaptername=Leeds UK|extra=<br />
<br />
This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute. <br />
<br />
Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]] <br />
<br />
The chapter email address is [mailto:owaspleeds@gmail.com owaspleeds@gmail.com]<br />
<br />
<br />
<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<paypal>Leeds_UK</paypal><br />
<br />
<br />
== 2011 Planned Meetings ==<br />
<br />
June 22nd Manchester<br />
<br />
September 21st Leeds<br />
<br />
December 14th Manchester<br />
<br />
== Next Meeting ==<br />
'''Date:''' Wednesday 22nd June in Manchester::: Please RSVP via the eventbrite link http://t.co/Cx3w8d7<br />
<br />
'''Location:''' KPMG Offices Manchester<br />
<br />
'''Schedule: 18:00 for 18:20 start'''<br />
<br />
'''18:20-18:30'''<br />
<br />
OWASP Chapter introduction. OWASP values and membership. Chapter information.<br />
<br />
OWASP Leeds board member<br />
<br />
'''18:30-19:30'''<br />
<br />
Talk Title to follow<br />
<br />
''Rapid 7''<br />
<br />
<br />
<br />
'''19:30 - 20:30'''<br />
<br />
How to become Twitter's admin: An introduction to Modern Web Service Attacks<br />
<br />
''Andreas Falkenberg, RUB''<br />
<br />
== Past Events ==<br />
<br />
'''2011 Dates'''<br />
<br />
<br />
<br />
'''2010 Dates'''<br />
<br />
[[8th_December_Leeds]]<br />
<br />
[[15th_September_Leeds]]<br />
<br />
[[16th_june_Leeds]]<br />
<br />
[[17th March - Leeds]]<br />
<br />
'''2009 Dates'''<br />
<br />
[[14th October 2009 - Leeds]]<br />
<br />
<br />
[[Category:United Kingdom]]<br />
[[Category:Europe]]</div>Owaspleeds