OWASP on the Move

2007-08-13T19:58:00Z

Robertwmartin: /* Current demand */

This new program allows local chapter or application security conferences to have OWASP presenters on site.

This page will allow 3 parties to find each other:

* OWASP speakers to entertain OWASP presentations and that want to see the world
* Local chapters or application security events that want to attract an OWASP speaker
* OWASP sponsors that want to support spreading the OWASP message

Owasp on the Move (OotM) is now also a project. Visit the project [[:Category:OWASP_on_the_Move_Project|page]] to see what the future holds for OotM.

== Current demand ==
Add your demand here:
* [[Helsinki]] is looking for OWASP speakers on the SDLC topic for a mini-conference. Expected timing is late August, early Sept. Sponsors and potential speakers are requested to contact Mikko.

* [[Edmonton]] is looking for an OWASP speaker on any topic to coincide with the CIPS Edmonton ICE Conference[http://www.iceconference.com/iceSpeakers.aspx]. The talk would be during November 5 - 7, 2007. Looking for a quick reply if possible as we are trying to finalize the conference program very shortly. Keynotes at the conference include Bruce Schneier and Jim Christy, so this could be a great opportunity to showcase OWASP to an interested audience.

== Current offerings ==
If you want to (re)do an OWASP related presentation, propose them here with your availability boundaries (timing/geographical)
* Marc Curphey will happily speak about the WebAppSec industry, SDLC etc. around Europe. You can see him in action at [http://video.hitb.org/2006.html HITB with John Viega] (big download)
* [mailto:thesp0nge@owasp.org Paolo Perego] is available to talk about [http://www.owasp.org/index.php/Category:OWASP_Orizon_Project Orizon project], safe coding and code review issues around Europe in the near October-December.
* you?

== Upcoming OWASP on the Move Events ==
* [[Belgium]] Mark Curphey and pdp (Architect) will be coming as part of the OWASP Day worldwide conference.

== Past OWASP on the Move Events ==
* [[Turkey]] Dinis joined the first Turkey Mini-Conference
* [[Belgium]] Ivan Ristic and Dinis Cruz came to the chapter meeting (sponsored by F5 Networks locally).

== Sponsors ==
Currently the OotM is sponsored by banners on the OWASP home page.

We are looking for sponsors that specifically want to sponsor the OotM project.

Past local sponsors were:
* F5 Networks in [[Belgium]]

Edmonton

2007-02-22T14:05:15Z

Robertwmartin: /* Local News */

{{Chapter Template|chaptername=Edmonton|extra=The chapter leader is [mailto:robert.martin@shunda.com Robert Martin]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-edmonton|emailarchives=http://lists.owasp.org/pipermail/owasp-edmonton}}

== Local News ==

''Note we return to Telus Plaza for the February meeting.''

Our chapter's next meeting will take place Tuesday, February 27, 2007 at 6:00 PM at the Telus Plaza North Tower. Please meet us in the building's lobby before 6:00 so that we can escort you to the boardroom. The meeting will be over by 7:15. This [http://maps.google.ca/maps?f=q&hl=en&q=10025+Jasper+Ave+NW,+Edmonton,+AB&ie=UTF8&z=17&ll=53.54097,-113.491248&spn=0.004578,0.010493&t=h&om=1 map] guides you to Telus Plaza North.

The February topic will be "Building Defensible Web App Architectures", by Jason Meltzer of Strange Research, http://www.strangeresearch.com.

Web applications have become the most significantly exposed, and
vulnerable, software systems on an organization's network. Thousands
of lines of custom application code lovingly interfacing with a pile
of third-party middleware that's herding data to and from what is
likely an installation of a major database, and all of this is
supporting critical business processes handling yours, and others,
sensitive data. Hopefully you've spent a little time and some honest
effort on reducing security defects in your applications (I see each
of your devs has the OWASP Top 10 taped to their cubicle wall) and
your network guys are seasoned warriors, so everything is solid. Now,
what happens when, not if, you have an incident involving your web
app?

This talk is going to bring the concepts surrounding building a
defensible network into the realm of designing web application
architectures. We will be doing some drawing, and there will be
network devices in our diagrams. We'll discussed defending deployed
web applications, how they are different and what issues that
raises... We'll discuss the implications of such things as when the
OWASP guide say, "By default, no unencrypted data should transit the
network" and we'll discuss how we might be able to get to a position
where we can start to think about having the ability to effectively
respond to a web app incident.

Previous meetings covered:
* OWASP's Top Ten Project
* OWASP's WebGoat insecure web application
* Cross Site Scripting Attacks (Yegor's [http://www.owasp.org/images/5/5e/XssYegorJbanov.pdf slideshow])
* Pub Night(!); discussed strategies for secure use of personal web applications

OWASP - User contributions [en]

OWASP on the Move

Edmonton