OWASP NL Monthly Meetup - Revision history

Joren: /* Upcoming Meetups */ June 18, 2019 added

2019-06-03T17:09:56Z

‎Upcoming Meetups: June 18, 2019 added

Knoblochmartin: added slides Jack - january 17th

2019-01-28T11:50:17Z

added slides Jack - january 17th

Knoblochmartin: added links to recordings January 17th

2019-01-28T11:36:30Z

added links to recordings January 17th

Knoblochmartin: beautified

2019-01-02T14:37:13Z

beautified

Knoblochmartin: added meetup january 17 2019

2019-01-02T14:18:55Z

added meetup january 17 2019

Knoblochmartin: fixed correct file riccardo

2018-10-04T12:01:13Z

fixed correct file riccardo

Knoblochmartin: fixed mix up presentation links

2018-10-04T11:16:49Z

fixed mix up presentation links

Knoblochmartin: added recoding and slides

2018-10-04T10:10:41Z

added recoding and slides

Knoblochmartin: updated 2nd talk

2018-09-12T08:11:35Z

updated 2nd talk

Joren: /* September 27, 2018 */ Information added

2018-09-07T18:32:45Z

‎September 27, 2018: Information added

@@ Line 7: / Line 7: @@
 Dates / Locations:
 =Upcoming Meetups=
 =Past Meetups=

← Older revision		Revision as of 11:50, 28 January 2019
Line 32:		Line 32:

	The goal of this presentation is to arm software developers and security architects with reference architecture guidance that can be used in any cloud native environment. The topics we’ll cover include multi-tenancy considerations, authentication, authorization, encryption, and more. We will focus on newer cloud native architecture patterns as well as some classic software design patterns that are still applicable. At the end of this presentation, you’ll have a greater understanding of cloud native security design at an architectural level and you’ll be eager to begin white-boarding your ideas.		The goal of this presentation is to arm software developers and security architects with reference architecture guidance that can be used in any cloud native environment. The topics we’ll cover include multi-tenancy considerations, authentication, authorization, encryption, and more. We will focus on newer cloud native architecture patterns as well as some classic software design patterns that are still applicable. At the end of this presentation, you’ll have a greater understanding of cloud native security design at an architectural level and you’ll be eager to begin white-boarding your ideas.
		+	:[[Media:OWASP Netherlands - Running at Light Speed - 20190117.pdf \| Download the presentation as PDF]]
	:[https://www.youtube.com/watch?v=EWHi8KgOZpw&authuser=1 Link to the recording]		:[https://www.youtube.com/watch?v=EWHi8KgOZpw&authuser=1 Link to the recording]

@@ Line 7: / Line 7: @@
 Dates / Locations:
 =Upcoming Meetups=
 == January 17, 2019==
 https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/257707239/
@@ Line 23: / Line 25: @@
 '''Machine Learning vs. Cryptocoin Miners:''' <br/>
 With the advent of cryptocurrencies as a prevalent economic entity, attackers have begun turning compromised boxes and environments into cash via cryptocoin mining. This has given rise for the necessity to detect compromised environments by analyzing network traffic logs for evidence of cryptocoin miners operating within a given network. In this talk, I'll be reviewing various ML and statistical analysis techniques leveraged against VPC Flow Logs for this very purpose. It will not be a deep dive of the math involved, but instead a general discussion of these techniques and why I chose them.
 '''Running at Light Speed: Cloud Native Security Patterns'''<br/>
@@ Line 28: / Line 32: @@
 The goal of this presentation is to arm software developers and security architects with reference architecture guidance that can be used in any cloud native environment. The topics we’ll cover include multi-tenancy considerations, authentication, authorization, encryption, and more. We will focus on newer cloud native architecture patterns as well as some classic software design patterns that are still applicable. At the end of this presentation, you’ll have a greater understanding of cloud native security design at an architectural level and you’ll be eager to begin white-boarding your ideas.
 Speakers info:
@@ Line 33: / Line 38: @@
 Jack Mannino is the CEO of nVisium. Passionate about security and impossible to keep away from a keyboard, his expertise spans over 15 years of building, breaking, and securing software. Jack founded nVisium in 2009, and since then has helped the world's largest software teams enhance security across their software portfolios. He has spoken at conferences globally on topics such as secure design, mobile application security, and cloud-native security.
 ==September 27, 2018==
 https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/250034921/

@@ Line 10: / Line 10: @@
 https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/257707239/
-:30 - 19:00 Dinner
+:18:30 - 19:00 Dinner
-:00 - 19:15 Welcome, OWASP update
+:19:00 - 19:15 Welcome, OWASP update
-:15 - 20:00   Machine Learning vs. Cryptocoin Miners by Jonn Callahan
+:19:15 - 20:00   Machine Learning vs. Cryptocoin Miners by Jonn Callahan
-:00 - 2-:15: Break
+:20:00 - 2-:15: Break
-:15 - 21:00 Running at Light Speed: Cloud Native Security Patterns by Jack Mannino
+:20:15 - 21:00 Running at Light Speed: Cloud Native Security Patterns by Jack Mannino
-:00 - Closing
+:21:00 - Closing
-Machine Learning vs. Cryptocoin Miners:
+; Xebia
 With the advent of cryptocurrencies as a prevalent economic entity, attackers have begun turning compromised boxes and environments into cash via cryptocoin mining. This has given rise for the necessity to detect compromised environments by analyzing network traffic logs for evidence of cryptocoin miners operating within a given network. In this talk, I'll be reviewing various ML and statistical analysis techniques leveraged against VPC Flow Logs for this very purpose. It will not be a deep dive of the math involved, but instead a general discussion of these techniques and why I chose them.
-Running at Light Speed: Cloud Native Security Patterns
+'''Running at Light Speed: Cloud Native Security Patterns'''<br/>
 No matter how fast you ship software, a good design is critical to security. Cloud native systems are no exception. Containerized microservices running on distributed management and orchestration platforms, bring new challenges to address as well as classic software problems that we’ve been dealing with for years. Secure software design patterns can be used to model security controls at different trust boundaries within your architecture, providing security in a repeatable and consumable way. Using patterns such as the Service Mesh or Ambassador pattern lets us focus on proper security control placement and lifting security outside of the core services we’ve traditionally bolted security onto later.

@@ Line 7: / Line 7: @@
 Dates / Locations:
 =Upcoming Meetups=
 ==September 27, 2018==
 https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/250034921/
@@ Line 52: / Line 75: @@
 coding languages. Riccardo also has expertise on implementing security test automation in CI/CD pipelines and is a project leader of the OWASP Security knowledge framework.
 ==June 28, 2018==
 https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/250034898/

@@ Line 13: / Line 13: @@
 :19:00 - 19:15 Welcome, OWASP update
 :19:15 - 20:00 Serverless Security – Functions-as-a-Service (FaaS) by Niels Tanis - [https://youtu.be/c5ZHPc_yG4g Video] - [[Media:OWASP-meetup 20180927 - WhenServerlessMetSecurity - Niels Tanis.pdf | PDF]]
-:20:15 - 21:00 Building a security test automation framework by Riccardo ten Cate - [https://youtu.be/xWe816PXll4 Video] - [[Media: OWASP-meetup 20180927 -Building a security test automation framework - Riccardo ten Cate.pdf | PDF]]
+:20:15 - 21:00 Building a security test automation framework by Riccardo ten Cate - [https://youtu.be/xWe816PXll4 Video] - [[Media: OWASP-meetup 20180927 - Building a security test automation framework - Riccardo ten Cate.pdf | PDF]]
 :21:00 - Closing