https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Sunny+WearOWASP - User contributions [en]2026-05-17T14:42:31ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Tampa&diff=256592Tampa2020-01-08T16:45:17Z<p>Sunny Wear: ssss</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, February 7, 2020 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Q1 Lunch and Learn Meeting 2020<br />
<br />
Location:<br />
* '''SecureSet Academy''' 1915 N Avenida Republica de Cuba #3622<br />
Tampa, FL 33605<br />
Registration: https://owasp-tampa-chapter-q1-lunch-n-learn-2020.eventbrite.com<br />
<br />
AGENDA:<br />
Announcements <br />
Speaker<br />
<br />
<br />
DESCRIPTION: <br />
<br />
Join us for OWASP Tampa Q1 Lunch and Learn!<br />
<br />
'''Speaker:'''<br />
<br />
'''Mila Paul'''<br />
<br />
Title: SECURE YOUR SPRING BOOT APP WITH SPRING SECURITY AND OAUTH 2.0<br />
<br />
Description: <br />
PART 1: INTRODUCTION TO SECURITY IN WEB APPS (WHY DO I CARE) AND SPRING SECURITY<br />
<br />
PART 2: BUILD APP WITH SPRING SECURITY OAUTH2 AND TEST IT<br />
<br />
PART 3: OTHER OPTIONS WITH SPRING SECURITY<br />
<br />
Bio: Mila Paul is adjunct faculty in Computer and Cyber Sciences and also has courses for certificates for secure web development and blockchain on Openclassrooms.com and Amesite.com. Her interest in cybersecurity began in her work as a defense contractor in the Middle East for twelve years. Now she enjoys teaching, blockchain startups and music production. <br />
<br />
<br />
== Presentation Archives ==<br />
<br />
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides [[:File:Dev Sec Ops 2019-03.pdf|here]]<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=255910Tampa2019-11-02T16:15:52Z<p>Sunny Wear: updated location</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 6, 2019 <br />
<br />
Time:<br />
<br />
* 8:00am - 5:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Day 2109<br />
<br />
Location:<br />
* '''Wild Rover Brewery''' 13921 Lynmar Blvd Tampa, FL 33626<br />
Registration: https://owasp-tampa-day-2019.eventbrite.com<br />
<br />
AGENDA:<br />
Speakers<br />
Games<br />
Career Advice<br />
Networking<br />
<br />
DESCRIPTION: <br />
<br />
Join us for OWASP Tampa Day 2019! Speakers and topics to be announced soon!<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
'''Wild Rover Brewery''' 13921 Lynmar Blvd Tampa, FL 33626<br />
<br />
== Presentation Archives ==<br />
<br />
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides [[:File:Dev Sec Ops 2019-03.pdf|here]]<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=255909Tampa2019-11-02T15:39:02Z<p>Sunny Wear: dd</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter<br />
}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 6, 2019 <br />
<br />
Time:<br />
<br />
* 8:00am - 5:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Day 2109<br />
<br />
Location:<br />
* '''Wild Rover Brewery''' 13921 Lynmar Blvd Tampa, FL 33626<br />
Registration: https://owasp-tampa-day-2019.eventbrite.com<br />
<br />
AGENDA:<br />
Speakers<br />
Games<br />
Career Advice<br />
Networking<br />
<br />
DESCRIPTION: <br />
<br />
Join us for OWASP Tampa Day 2019! Speakers and topics to be announced soon!<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
The Undercroft 1320 E. 9th AveTampa, FL 33605<br />
<br />
== Presentation Archives ==<br />
<br />
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides [[:File:Dev Sec Ops 2019-03.pdf|here]]<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=251028Tampa2019-05-03T20:04:17Z<p>Sunny Wear: /* Next Meeting */ Q3 meeting details</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Thursday evening, June 27, 2019 <br />
<br />
Time:<br />
<br />
* 6:00pm - 9:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q3 Meeting <br />
<br />
Location:<br />
* '''The Undercroft''' 1320 E. 9th Ave Tampa, FL 33605<br />
Registration: https://web.securityinnovation.com/owasp-tampa2019<br />
<br />
Presentation: Security Innovation's CMD+CTRL Cyber Range<br />
<br />
Sponsor: Security Innovation<br />
<br />
TOPIC: CTF <br />
<br />
DESCRIPTION: <br />
<br />
'''Security Innovation''' is proud to partner with '''OWASP Tampa''' to offer attendees a fun "find the vulnerabilities" game that shows how hackers break into websites and teaches the importance of secure coding habits. <br />
<br />
The game features CMD+CTRL [https://www.securityinnovation.com/training/cmd-ctrl-cyber-range-security-training/cyber-range-suite/cmdctrl-cyber-range-shadow-bank/ '''ShadowBank'''], a web application cyber range where players compete to find vulnerabilities, score points, and move up the leaderboard. Leveraging cheat sheets, attack tables, and expert led training sessions, players can create fake accounts, transfer funds, buy and sell stocks, and other nefarious acts.<br />
<br />
'''Just bring your computer and evil inner-doer and you are ready to roll!'''<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
The Undercroft 1320 E. 9th AveTampa, FL 33605<br />
<br />
== Presentation Archives ==<br />
<br />
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides [[:File:Dev Sec Ops 2019-03.pdf|here]]<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=247275Tampa2019-02-11T13:42:36Z<p>Sunny Wear: /* Next Meeting */ Updated topic and description for Q1 meeting.</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, March 8, 2019 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q1 Meeting <br />
<br />
Location:<br />
* ISC2 Campus, 311 Park Place Blvd, Clearwater, FL 33759<br />
Tickets:<br />
* https://owasp-tpa-q1-2019.eventbrite.com<br />
Presentation<br />
<br />
SPEAKERS: MicroFocus: Trace Hollifield<br />
<br />
TOPIC: Securing DevOps<br />
<br />
DESCRIPTION: Vulnerabilities plague hardware, software and applications alike. With the pace of development increasing, companies continue to add risk into the production environment. Security professionals need to help the software development lifecycle reduce risk without impeding the timeline. The big question is…how? <br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
ISC2 Campus, 311 Park Place Blvd, Clearwater, FL 33759<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=246853Tampa2019-01-27T15:29:01Z<p>Sunny Wear: /* Next Meeting */ Q1 2019</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, March 8, 2019 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q1 Meeting <br />
<br />
Location:<br />
* ISC2 Campus, 311 Park Place Blvd, Clearwater, FL 33759<br />
Tickets:<br />
* https://owasp-tpa-q1-2019.eventbrite.com<br />
Presentation<br />
<br />
SPEAKERS: MicroFocus: Trace Hollifield<br />
<br />
TOPIC: TBD<br />
<br />
DESCRIPTION: TBD <br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
ISC2 Campus, 311 Park Place Blvd, Clearwater, FL 33759<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=245915Tampa2018-12-10T17:32:15Z<p>Sunny Wear: updated speaker name</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 7, 2018 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q4 Meeting <br />
<br />
Location:<br />
* SecureSet Academy<br />
Tickets:<br />
<br />
* https://www.eventbrite.com/e/owasp-tampa-chapter-q4-lunch-n-learn-tickets-51422084840 <br />
<br />
== Presentation ==<br />
<br />
SPEAKERS: White Source Software: Marlene Williams<br />
<br />
TOPIC: Tackling the Risks of Open Source Security: 5 Things You Need to Know<br />
<br />
DESCRIPTION: Open Source has become the key building block for application development in today's market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. <br />
<br />
In this session, we will present best practices that security teams should implement in order to enable their developers to harness the power of open source without slowing them down or compromising on security.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
TBA<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=244261Tampa2018-10-15T19:26:01Z<p>Sunny Wear: added link for tickets to event</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 7, 2018 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q4 Meeting <br />
<br />
Location:<br />
* SecureSet Academy<br />
Tickets:<br />
<br />
* https://www.eventbrite.com/e/owasp-tampa-chapter-q4-lunch-n-learn-tickets-51422084840 <br />
<br />
== Presentation ==<br />
<br />
SPEAKERS: White Source Software: Gwen Krauss<br />
<br />
TOPIC: Tackling the Risks of Open Source Security: 5 Things You Need to Know<br />
<br />
DESCRIPTION: Open Source has become the key building block for application development in today's market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. <br />
<br />
In this session, we will present best practices that security teams should implement in order to enable their developers to harness the power of open source without slowing them down or compromising on security.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
TBA<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=244233Tampa2018-10-15T11:34:12Z<p>Sunny Wear: /* Meeting Location */ modify</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 7, 2018 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q4 Meeting <br />
<br />
Location:<br />
* TBA<br />
Tickets:<br />
<br />
* TBA<br />
<br />
== Presentation ==<br />
<br />
SPEAKERS: White Source Software: Gwen Krauss<br />
<br />
TOPIC: Tackling the Risks of Open Source Security: 5 Things You Need to Know<br />
<br />
DESCRIPTION: Open Source has become the key building block for application development in today's market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. <br />
<br />
In this session, we will present best practices that security teams should implement in order to enable their developers to harness the power of open source without slowing them down or compromising on security.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
TBA<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=244232Tampa2018-10-15T11:33:47Z<p>Sunny Wear: set up Q4 meeting</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, December 7, 2018 <br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm <br />
<br />
Description:<br />
<br />
* OWASP Tampa Chapter Q4 Meeting <br />
<br />
Location:<br />
* TBA<br />
Tickets:<br />
<br />
* TBA<br />
<br />
== Presentation ==<br />
<br />
SPEAKERS: White Source Software: Gwen Krauss<br />
<br />
TOPIC: Tackling the Risks of Open Source Security: 5 Things You Need to Know<br />
<br />
DESCRIPTION: Open Source has become the key building block for application development in today's market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. <br />
<br />
In this session, we will present best practices that security teams should implement in order to enable their developers to harness the power of open source without slowing them down or compromising on security.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
WellCare<br />
<br />
8745 Henderson Road<br />
<br />
Tampa, FL 33634<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=244231Tampa2018-10-15T11:30:10Z<p>Sunny Wear: added two chapter coordinators to our group</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader<br />
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader<br />
* Nestor Torres - Chapter Coordinator<br />
* Charlie Marval - Chapter Coordinator<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, September 21, 2018 <br />
<br />
Time:<br />
<br />
* 8:00am - 3:00pm (All Day Event!!)<br />
<br />
Description:<br />
<br />
* OWASP Tampa Day 2018<br />
<br />
Tickets:<br />
<br />
* [https://www.eventbrite.com/e/owasp-tampa-day-2018-tickets-47283873338 https://owasp-tampa-Q2-18.eventbrite.com]<br />
<br />
== Presentations ==<br />
<br />
SPEAKERS: Matt Rose, Director Application Security Strategy, Checkmarx<br />
<br />
TOPIC: Putting the Sec in DevOps - Checkmarx<br />
<br />
BIO:<br />
<br />
Matt has over 18 years of software development, sales engineering management and consulting experience. During this time, Matt has helped some of the largest organizations in the world in a variety of industries, regions, and technical environments implement secure software development life cycles utilizing static analysis. Matt's extensive background in application security, object-oriented programming, multi-tier architecture design/implementation, and internet/intranet development has been key to many speaking engagements for organizations like OWASP, ISSA, and ISACA.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
WellCare<br />
<br />
8745 Henderson Road<br />
<br />
Tampa, FL 33634<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=242058Tampa2018-07-23T14:02:17Z<p>Sunny Wear: /* Presentations */</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer]<br />
* [mailto:sunny.wear@owasp.org Sunny Wear]<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, September 21, 2018 <br />
<br />
Time:<br />
<br />
* 8:00am - 3:00pm (All Day Event!!)<br />
<br />
Description:<br />
<br />
* OWASP Tampa Day 2018<br />
<br />
Tickets:<br />
<br />
* [https://www.eventbrite.com/e/owasp-tampa-day-2018-tickets-47283873338 https://owasp-tampa-Q2-18.eventbrite.com]<br />
<br />
== Presentations ==<br />
<br />
SPEAKERS: Matt Rose, Director Application Security Strategy, Checkmarx<br />
<br />
TOPIC: Putting the Sec in DevOps - Checkmarx<br />
<br />
BIO:<br />
<br />
Matt has over 18 years of software development, sales engineering management and consulting experience. During this time, Matt has helped some of the largest organizations in the world in a variety of industries, regions, and technical environments implement secure software development life cycles utilizing static analysis. Matt's extensive background in application security, object-oriented programming, multi-tier architecture design/implementation, and internet/intranet development has been key to many speaking engagements for organizations like OWASP, ISSA, and ISACA.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
WellCare<br />
<br />
8745 Henderson Road<br />
<br />
Tampa, FL 33634<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=241929Tampa2018-07-17T10:16:18Z<p>Sunny Wear: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer]<br />
* [mailto:sunny.wear@owasp.org Sunny Wear]<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, September 21, 2018 <br />
<br />
Time:<br />
<br />
* 8:00am - 3:00pm (All Day Event!!)<br />
<br />
Description:<br />
<br />
* OWASP Tampa Day 2018<br />
<br />
Tickets:<br />
<br />
* [https://www.eventbrite.com/e/owasp-tampa-day-2018-tickets-47283873338 https://owasp-tampa-Q2-18.eventbrite.com]<br />
<br />
== Presentations ==<br />
<br />
SPEAKERS: Matt Rose, Director Application Security Strategy, Checkmarx<br />
<br />
TOPIC: TBD<br />
<br />
BIO:<br />
<br />
Matt has over 18 years of software development, sales engineering management and consulting experience. During this time, Matt has helped some of the largest organizations in the world in a variety of industries, regions, and technical environments implement secure software development life cycles utilizing static analysis. Matt's extensive background in application security, object-oriented programming, multi-tier architecture design/implementation, and internet/intranet development has been key to many speaking engagements for organizations like OWASP, ISSA, and ISACA.<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
WellCare<br />
<br />
8745 Henderson Road<br />
<br />
Tampa, FL 33634<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=238718Tampa2018-03-19T11:33:25Z<p>Sunny Wear: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer]<br />
* [mailto:sunny.wear@owasp.org Sunny Wear]<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, May 4th, 2018<br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm<br />
<br />
Description:<br />
<br />
* OWASP Tampa Q2-2018 Meeting<br />
<br />
Tickets:<br />
<br />
* <nowiki>https://owasp-tampa-Q2-18.eventbrite.com</nowiki><br />
<br />
== Presentations ==<br />
<br />
SPEAKERS:<br />
<br />
TBD<br />
<br />
Topic: TBD<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
Concerto Cloud Services<br />
<br />
4830 W Kennedy Blvd Suite 350 33609, Tampa, FL 33609<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=238163Tampa2018-02-27T11:06:41Z<p>Sunny Wear: updated for Q1 meeting</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer]<br />
* [mailto:sunny.wear@owasp.org Sunny Wear]<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* Friday, March 9th, 2018<br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm<br />
<br />
Description:<br />
<br />
* OWASP Tampa Q1-2018 Meeting<br />
<br />
Tickets:<br />
<br />
* https://www.eventbrite.com/e/owasp-tampa-chapter-q1-lunch-n-learn-tickets-42967621312<br />
<br />
== Presentations ==<br />
<br />
SPEAKERS:<br />
<br />
Doug Logan of Cyber Ninjas<br />
<br />
Topic: User Enumeration and Timing-based Attacks<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
SecureSet<br />
<br />
[https://goo.gl/maps/Nb1pmkxS9Um 1403 E 9th Ave, Tampa, FL 33605]<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=User:Sunny_Wear&diff=238162User:Sunny Wear2018-02-27T11:03:32Z<p>Sunny Wear: bio</p>
<hr />
<div>Sunny Wear is a Security Architect and Web Security Pentester for FIS, a large financial services company. She is responsible for providing secure designs and software throughout the entire lifecycle as well as performing pententration testing against web and mobile applications. Sunny has more than 20 years of hands-on software programming, architecture and security experience. She is currently working on her Doctor's degree in Cybersecurity, is a published author and has served an an instructor for many application security training courses. She regularly speaks at global conferences including Hackfest.ca, BSides Tampa and Atlantic Security Conference.</div>Sunny Wearhttps://wiki.owasp.org/index.php?title=Tampa&diff=234493Tampa2017-10-19T21:09:38Z<p>Sunny Wear: /* Next Meeting */</p>
<hr />
<div>{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics. <br />
<br />
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa <br />
<br />
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:<br />
* [mailto:jon.singer@owasp.org Jonathan Singer]<br />
* [mailto:sunny.wear@owasp.org Sunny Wear]<br />
<br />
The Tampa chapter is sponsored by:<br />
We are looking for sponsors!<br />
<br />
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here]. <br />
<br />
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].<br />
<br />
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-tampa|emailarchives=http://lists.owasp.org/pipermail/owasp-tampa}}<br />
<br />
== Next Meeting ==<br />
<br />
Date:<br />
<br />
* December 8th, 2017<br />
<br />
Time:<br />
<br />
* 11:30am - 1:00pm<br />
<br />
Description:<br />
<br />
* OWASP Tampa Q4-2017 Meeting<br />
<br />
Tickets:<br />
<br />
* https://owasp-tampa-q4-2017.eventbrite.com/<br />
<br />
== Presentations ==<br />
<br />
SPEAKERS:<br />
<br />
3 Lightning Talks on Current Events:<br />
<br />
a) Hacking the Sabbath - Jon Singer<br />
<br />
b) Equifax Hack - Sunny Wear<br />
<br />
c) WPA2 Hack - TBD<br />
<br />
== Meeting Location ==<br />
<br />
Location:<br />
<br />
SecureSet<br />
<br />
[https://goo.gl/maps/Nb1pmkxS9Um 1403 E 9th Ave, Tampa, FL 33605]<br />
<br />
== Presentation Archives ==<br />
<br />
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”<br />
<br />
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]<br />
<br />
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]<br />
<br />
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]<br />
<br />
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]<br />
<br />
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]<br />
<br />
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]<br />
<br />
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]<br />
<br />
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]<br />
<br />
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]<br />
<br />
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]<br />
<br />
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]<br />
<br />
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]<br />
<br />
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]<br />
<br />
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]<br />
<br />
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]<br />
<br />
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]<br />
<br />
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]<br />
<br />
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here] <br />
<br />
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here] <br />
<br />
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here] <br />
<br />
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here] <br />
<br />
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here] <br />
<br />
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here] <br />
<br />
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here] <br />
<br />
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here] <br />
<br />
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here] <br />
<br />
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here] <br />
<br />
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here] <br />
<br />
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here] <br />
<br />
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here] <br />
<br />
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here] <br />
<br />
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here] <br />
<br />
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here] <br />
<br />
[[Category:OWASP_Chapter]]<br />
[[Category:United States]]<br />
[[Category:Florida]]</div>Sunny Wear