This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Delhi April 2016 Meeting - April 23rd, 2016

From OWASP
Jump to: navigation, search

April 2016 meet on 23rd April, 2016 (Saturday) - 10:45 AM IST

Note – OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.

For Registration/RSVP please visit - http://bit.ly/1S8wijX

Session Details/Agenda:

10:45 AM - 11:00 AM: News Bytes by Arpit Maheshwari

11:00 AM - 11:15 AM: Introduction

11:15 AM - 12:30 PM: Cloud Security & Best Practices in AWS by Ankit Giri

Abstract: - Few instances of breach in cloud (AWS)
- Account compromise via leak of AWS Keys on GitHub
- SSRF attack
- Publicly accessible S3 Bucket, folders and files
- How Jenkins (CI)can lead to disaster
- Best practices to protect AWS account from unauthorized access and usage

12:30 PM - 12:50 PM: Tea/Coffee/Networking Break

01:00 PM – 02:15 PM: Secrets of Google VRP. The bug hunter's guide to sending great bugs by Krzysztof Kotowicz, Google Security Team (Remote - Switzerland)

Abstract: Did you ever want to know how a CSRF may be more dangerous than a stack buffer overflow? Are you curious what makes a bug critical? Have you ever wondered why Google Security Bot doesn't pay for open redirects, and not every XSS is the same? During this workshop, you'll get to know the answer to those questions - and all other secrets of the Google VRP too. You'll see how Google Security Team evaluates the incoming vulnerability reports, what do we focus on, and how to make our day by sending us a great bug. Several examples of vulnerabilities sent to our VRP will be presented - both successful submissions and rejected ones. We'll talk extensively about the differences between those to help you find and report the bugs worth your time. We'll discuss various OWASP Top 10 vulnerability types and how do they relate to Google VRP rules. Come to the workshop, talk to us and learn how to become one of the top bughunters!"

02:00 PM - 2:15 PM: Feedback and Topic Discussion for Next Month

When: 23rd April, 2016 (Saturday) - 10:45 AM IST

Where: Airtel Center
Plot No 16,
Udyog Vihar Phase IV,
Gurgaon, Haryana 122001

How to Reach Venue: Auto available from IFFCO Chowk/MG Road Metro Station ( Airtel Office location is Atlas Chowk)

Nearest Metro Stations: 1. IFFCO Chowk Metro Station

2. MG Road Metro Station

3. Belvedere Towers Metro Station (Gurgaon Rapid Metro)

Google Maps - http://bit.ly/1G6eCCG

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Delhi_April_2016_Meeting_-_April_23rd,_2016&oldid=216565"