This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Manchester"
(→Next Meeting) |
|||
Line 10: | Line 10: | ||
'''Wednesday 26th April''' at ThoughtWorks, City Tower, Manchester | '''Wednesday 26th April''' at ThoughtWorks, City Tower, Manchester | ||
− | + | This event will be hosted by [https://www.thoughtworks.com/ ThoughtWorks] at their newly refurbished City Tower offices right in the heart of the city. ThoughtWorks will also be providing the pizza; beer sponsors will be announced shortly (or else we're all going thirsty!) | |
− | + | Confirmed Speakers: | |
− | A full schedule for the event will be posted here shortly. | + | '''Alex Haynes - I found a Vulnerability!''' |
+ | |||
+ | The talk will cover vulnerability disclosure and the pitfalls to avoid both as a security researcher and as a company exposed to vulnerabilities. We'll also cover different types of disclosure programs like Bugcrowd and Hackerone, and the advantages and disadvantages of each. The Grey market will get a brief look and of course we'll talk about vulnerabilities. Lots and lots of vulnerabilities. | ||
+ | |||
+ | '''Tim Fletcher - Distributed Policy Enforcement with OpenSSH Certificates''' | ||
+ | |||
+ | OpenSSH is installed on nearly every virtual machine, physical server and many IoT devices. OpenSSH is a critical systems administration tool used to manage everything from the server in the shed to continent spanning collections of systems. | ||
+ | |||
+ | Logging in to OpenSSH quickly and security is normally done with keys, sometimes using strong passwords and hardware key storage all too often left lying about on laptops. | ||
+ | |||
+ | Managing the list of keys and permissions for an organisation of more than a handful of people rapidly gets challenging, tracking who has used which key to do what even more so. | ||
+ | |||
+ | Using the CA feature of OpenSSH it is possible to remove all this complexity, and leverage OpenSSH to enforce your central policies and provide you with strong audit trails. | ||
+ | |||
+ | The talk will cover the technical aspects of what can be done with SSH certificates and the implementation for SSH certificates for an IoT focused business. The management server the business uses will be released shortly before the talk as an OSS project during the FLOSSUK Conference in March. | ||
+ | |||
+ | A full schedule for the event and a link for tickets will be posted here shortly. | ||
+ | |||
+ | |||
+ | |||
+ | We're interested in hearing from anyone who may be willing/able to talk, host or sponsor future OWASP Manchester events. If you think you can help please let one of the [[Manchester#Chapter_Leaders|Chapter Leaders]] know. | ||
= Upcoming Events = | = Upcoming Events = |
Revision as of 20:46, 5 February 2017
OWASP Manchester
Welcome to the Manchester chapter homepage. This UK chapter was started in 2011, having grown out of the successful Leeds_UK chapter.
You can follow @OwaspMcr on Twitter and view some of the chapter meeting videos on YouTube.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Wednesday 26th April at ThoughtWorks, City Tower, Manchester
This event will be hosted by ThoughtWorks at their newly refurbished City Tower offices right in the heart of the city. ThoughtWorks will also be providing the pizza; beer sponsors will be announced shortly (or else we're all going thirsty!)
Confirmed Speakers:
Alex Haynes - I found a Vulnerability!
The talk will cover vulnerability disclosure and the pitfalls to avoid both as a security researcher and as a company exposed to vulnerabilities. We'll also cover different types of disclosure programs like Bugcrowd and Hackerone, and the advantages and disadvantages of each. The Grey market will get a brief look and of course we'll talk about vulnerabilities. Lots and lots of vulnerabilities.
Tim Fletcher - Distributed Policy Enforcement with OpenSSH Certificates
OpenSSH is installed on nearly every virtual machine, physical server and many IoT devices. OpenSSH is a critical systems administration tool used to manage everything from the server in the shed to continent spanning collections of systems.
Logging in to OpenSSH quickly and security is normally done with keys, sometimes using strong passwords and hardware key storage all too often left lying about on laptops.
Managing the list of keys and permissions for an organisation of more than a handful of people rapidly gets challenging, tracking who has used which key to do what even more so.
Using the CA feature of OpenSSH it is possible to remove all this complexity, and leverage OpenSSH to enforce your central policies and provide you with strong audit trails.
The talk will cover the technical aspects of what can be done with SSH certificates and the implementation for SSH certificates for an IoT focused business. The management server the business uses will be released shortly before the talk as an OSS project during the FLOSSUK Conference in March.
A full schedule for the event and a link for tickets will be posted here shortly.
We're interested in hearing from anyone who may be willing/able to talk, host or sponsor future OWASP Manchester events. If you think you can help please let one of the Chapter Leaders know.
Mid/Late Summer 2017
The next event will be in July or August - watch this space for further details.
2016 Dates
2015 Dates
2014 Dates
2013 Dates
2012 Dates
2011 Dates
24th August As part of the Leeds Chapter
22nd June As part of the Leeds Chapter
2010 Dates
8th December As part of the Leeds Chapter
The chapter leaders are:
- Simon Ward
- Andy Hornsby-Jones
- Dominic Chell
- Daniel Pollard
- Nikola Milosevic
- Stuart Walker
- Joe Carter
We are actively seeking more chapter leaders - please get in touch if you would like to become one!
We are looking for organizations to sponsor the Manchester chapter.
You can sponsor the chapter for one year at the following levels:
- £300 Silver
- £600 Gold
- £1200 Platinum
You can also sponsor a meeting by hosting the event or donating £100.
If you are interested in sponsoring the chapter then please get in touch with one of the chapter leaders.
Other related organizations in the Manchester area:
- BCS Manchester
- GeekUp
- MadLab
- Manchester Free Software
- Manchester Linux Users Group
- Northern UK Security Group
- North West Tester Gathering
- Security BSides Manchester
Please get in touch with one of the chapter leaders to get your organization listed here.
And feel free to use the Manchester mailing list to publicise related events.