This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Scotland"
(Added additional speaker for May event) (Tag: Visual edit) |
(Moved May event into the Past Events section.) (Tag: Visual edit) |
||
Line 7: | Line 7: | ||
== Upcoming Events == | == Upcoming Events == | ||
+ | |||
+ | Signup to the chapter mailing list to be informed of upcoming events. | ||
+ | |||
+ | == Past Events == | ||
=== Thursday, 18 May 2017 === | === Thursday, 18 May 2017 === | ||
Line 38: | Line 42: | ||
TLS along with PKI often seems to be some sort of black magic which is supposed to make you secure. This talk will attempt to help explain the key parts of TLS breaking it down to be easy to understand. This talk will also cover common mistakes which are made when implementing TLS. | TLS along with PKI often seems to be some sort of black magic which is supposed to make you secure. This talk will attempt to help explain the key parts of TLS breaking it down to be easy to understand. This talk will also cover common mistakes which are made when implementing TLS. | ||
− | |||
− | |||
=== Friday, 3 March 2017 === | === Friday, 3 March 2017 === |
Revision as of 21:16, 19 May 2017
OWASP Scotland
Welcome to the Scotland chapter homepage. The chapter leaders are Sean Wright and Rob Jansson.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Local News
Best way to keep up to date with meet-ups and the like is subscribe to the mailing list (Link above)
Upcoming Events
Signup to the chapter mailing list to be informed of upcoming events.
Past Events
Thursday, 18 May 2017
Good news! Edinburgh University is kindly providing us with meeting space for the next OWASP Scotland chapter meeting. We have an excellent talk lined up by Boglarka on MFA and a second speaker should be confirmed in the near future. If you are attending please register so we can keep an eye on the numbers.
Time: 18:30
Location: Ground floor main lecture room,
Informatics Forum,
10 CrichtonStreet,
Edinburgh,
EH8 9AB
To attend, please register here for the event:https://owasp-scotland-chapter-meeting-may-2017-tickets.eventbrite.co.uk
Twice the pride, double the fall – why 2FA / MFA isn’t the cure we all thought it was.
Speaker: Boglarka Ronto
The security industry has been preaching the mantra of MFA for almost a decade. Indeed, many implementations have surfaced, some better than others, with all of these intending to add to the level of security of an existing solution (i.e. external logon interface).
The trust in such services appears to be unquestioned: companies are looking for cheap, simple and easily manageable solutions and rarely consider the actual level of security associated with the product of their choice.
This talk discusses ways of testing MFA solutions and includes a few case studies of broken and poor MFA implementations, including one which allowed SMS validation to be bypassed completely at an application level (no physical proximity or cloned phones required).
TLS Demystified
Speaker: Sean Wright
TLS along with PKI often seems to be some sort of black magic which is supposed to make you secure. This talk will attempt to help explain the key parts of TLS breaking it down to be easy to understand. This talk will also cover common mistakes which are made when implementing TLS.
Friday, 3 March 2017
Virtual event kicking off the year for the Scotland chapter.
Time: 12:00
Event Signup: https://www.eventbrite.co.uk/e/owasp-scotland-chapter-meeting-march-2017-tickets-32070062420
The following talks will be given:
Penetration testing: a beginners paradise.
Ever wondered how to go from getting a certificate in penetration testing, or some tinkering in your spare time actually doing it as a full time job? Come and get answers as Andrew Scott (Head of Security Testing for an international bank) spills the beans. How did he get into testing, what other ways in are there? How do you sell yourself to prospective employers and make sure you are ready to do what they want to pay you for, not just what you want to do.
CSRF - Imitation is The Best Form of Flattery
Despite appearing at number 8 in the OWASP Top 10 list (2013 version), CSRF vulnerabilities are still prevalent in a multitude of applications. What is CSRF? And why is this the case? What can be done to mitigate it? Sean Wright (Lead Security Engineer at security MSP) will give you the details to those very questions and more.
Sponsors
The OWASP Scotland chapter now has a sponsor which is Sopra Group