Difference between revisions of "Switzerland"
Schattenbaum (talk | contribs) (Tag: Visual edit) |
Schattenbaum (talk | contribs) (Tag: Visual edit) |
||
Line 29: | Line 29: | ||
[https://netnea.com Christian Folini] is a partner at netnea AG in Berne, Switzerland. He holds a PhD in medieval history and enjoys defending castles across Europe. Unfortunately, defending medieval castles is no big business anymore and Christian turned to defending web servers which he thinks equally challenging. With his background in humanities, Christian is able to bridge the gap between techies and non-techies. He brings more than ten years experience in this role, specialising in Apache / ModSecurity configuration, DDoS defense and threat modeling. | [https://netnea.com Christian Folini] is a partner at netnea AG in Berne, Switzerland. He holds a PhD in medieval history and enjoys defending castles across Europe. Unfortunately, defending medieval castles is no big business anymore and Christian turned to defending web servers which he thinks equally challenging. With his background in humanities, Christian is able to bridge the gap between techies and non-techies. He brings more than ten years experience in this role, specialising in Apache / ModSecurity configuration, DDoS defense and threat modeling. | ||
− | Christian is a frequent committer to the OWASP ModSecurity Core Rules project, vice president of Swiss Cyber Experts (a public private partnership), program chair of the Swiss | + | Christian is a frequent committer to the OWASP ModSecurity Core Rules project, vice president of Swiss Cyber Experts (a public private partnership), program chair of the Swiss Cyber Storm conference and many other things. |
=== When === | === When === |
Revision as of 19:07, 17 July 2017
Welcome to the Home Page of the OWASP Switzerland Chapter.
- The chapter leader is Sven Vetsch supported by Robert Schneider and Antonio Fontes. Please contact us with any questions regarding the chapter.
- Please join us on Meetup and/or subscribe to our (low-traffic) mailing list for meeting announcements and other news related to OWASP in Switzerland.
If you're living in the French-speaking part of Switzerland, please also visit the OWASP Geneva chapter for more information.
We'd like to invite you to our next OWASP Switzerland meeting. If you want to attend, please make sure to register for the event through the Meetup registration. Seats are limited.
Introducing the OWASP ModSecurity Core Rule Set 3.0
Topic
The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. It saw a new major release in November 2016 (3.0 -> CRS3). CRS is the first line of defense against web application attacks like those summarized in the OWASP Top Ten, all with a minimum of false alerts.
This talk demonstrates the installation of the rule set and introduces the most important groups of rules. It covers key concepts like anomaly scoring and thresholds, paranoia levels, stricter siblings and the sampling mode. The important handling of false positives is also covered as well as pre-defined lists of rule exclusions for popular web applications helping to avoid false positives.
Speaker
Christian Folini is a partner at netnea AG in Berne, Switzerland. He holds a PhD in medieval history and enjoys defending castles across Europe. Unfortunately, defending medieval castles is no big business anymore, and Christian turned to defending web servers, which he finds equally challenging. With his background in humanities, Christian is able to bridge the gap between techies and non-techies. He brings more than ten years of experience in this role, specialising in Apache / ModSecurity configuration, DDoS defense and threat modeling.
Christian is a frequent committer to the OWASP ModSecurity Core Rules project, vice president of Swiss Cyber Experts (a public private partnership), program chair of the Swiss Cyber Storm conference and many other things.
When
Wednesday, August 16th 2017
Where
Tbd: but in Zürich ;)
Agenda
17:30 - Doors will open
18:00 - Welcome and short introduction
18:20 - Talk and Q&A
19:30 - Dinner
Who
As usual, all of our meetings are open to everyone and free of charge.
Afterwards
If you still would like to grab a bite afterwards, simply stay a little longer after the meeting and we will form up a group of hungry and discussion-friendly people. ;)
To make sure you are not going to miss any of our upcoming events, please join us on Meetup and/or subscribe to our (low-traffic) mailing list.
Monday, October 16th 2017 - DevOps
Date | Event | Topic |
---|---|---|
2016-10-04 | Chapter Meeting | Bug Bounty programs in Switzerland? |
2016-06-07 | Chapter Meeting | XSSI - The Tale of a Fameless but Widespread Vulnerability |
2015-12-15 | Chapter Meeting | Top X OAuth 2 Hacks; Reliable log data transfer: about syslog, logstash and log data signing |
2015-10-14 | Chapter Meeting | Application Security Testing by Static Code Analysis |
2015-08-19 | Chapter Meeting | BarCamp |
2015-06-17 | Chapter Meeting | XSLT Processing Security and Server Side Request Forgeries |
2015-04-15 | Chapter Meeting | Android apps in sheep's clothing |
2015-02-18 | Chapter Meeting | Abusing JSONP with Rosetta Flash |
2014-12-10 | Chapter Meeting | OWASP Switzerland Fondue |
2014-11-12 | Chapter Meeting | Living on the Edge - Advanced ModSecurity to Save Your Ass |
2014-08-20 | Chapter Meeting | (Client-Side) Flash Security |
2014-06-17 | Chapter Meeting | XSS and beyond |
2014-04-09 | Chapter Meeting | SSL/TLS jungle - bringing light into the cipher forest |
2014-02-19 | Chapter Meeting | S-SDLC – Ready for the Cloud? |
2013-12-17 | Chapter Meeting | Annual Review & Outlook |
2013-10-22 | Chapter Meeting | Advances in secure (ASP).NET development – Break the hacker's spirit |
2013-10-22 | Chapter Meeting | Node.js Security |
2013-04-09 | Chapter Meeting | Tools (not) to use |
2012-09-19 | Security-Zone | OWASP Top 10 Mobile Risks |
2012-06-12 | Chapter Meeting | Reversing Android Apps |
2012-02-14 | Chapter Meeting | Analysis of the RSA Security Breach |
2011-12-13 | Chapter Meeting | AppSec - Why is it important |
2011-12-13 | Chapter Meeting | Dangers of Firefox Add-On's |
2011-10-11 | Chapter Meeting | Presentation of the OWASP Top 10 & a hands-on session |
2011-08-09 | Chapter Meeting | Foundation of OWASP Switzerland Association |
2011-06-14 | Chapter Meeting | Automatic CRL updates for the Apache Web server |
2011-06-14 | Chapter Meeting | New Standards and upcoming Technologies in Browser Security (Slides by Tobias Gondrom) |
2011-05-12 | Swiss Cyber Storm III | Do you know OWASP? |
2011-04-12 | Chapter Meeting | ASP.NET & ViewState Security |
2010-04-12 | Chapter Meeting | Usability vs. Security |
2010-04-12 | Chapter Meeting | 2-factor authentication for mobile devices: a secure and practical approach |
2009-06-25 | Chapter Meeting | Benefits of a security API such as ESAPI |
2009-06-25 | Chapter Meeting | Advanced SQL injection exploitation to operating system full control |
2009-04-07 | Chapter Meeting | Open security architecture (www.opensecurityarchitecture.org) |
2009-04-07 | Chapter Meeting | XSRF and JSON hijacking & a hands-on session |
2008-09-08 | Chapter Meeting | Quality of services for web applications (Hands-On Workshop) |
2008-09-08 | Chapter Meeting | XML Security (Hands-On Workshop) |
2008-09-08 | Chapter Meeting | ISC2/Application security |
2008-04-01 | Global OWASP Week | Taking Apache access logs to the next level |
2008-04-01 | Global OWASP Week | Implementing an Application Security Lifecycle programme |
2008-04-01 | Global OWASP Week | WebAppSec the Big Picture |
2007-12-11 | Chapter Meeting | Certified Secure Web |
2007-12-11 | Chapter Meeting | Secure Development Life Cycle |
2007-12-11 | Chapter Meeting | Securing my Assets (Presentation & Demo) |
2007-09-20 | Security-Zone | OWASP Testing Guide |
2007-09-19 | Security-Zone | OWASP Top 10 |
2007-07-24 | Chapter Meeting | OWASP - An Overview |
2007-07-24 | Chapter Meeting | Dependability for Java Mobile Code |
2007-07-24 | Chapter Meeting | OWASP Top 10 (Demo) |
2007-04-26 | Chapter Meeting | Risk metrics |
2007-02-12 | Chapter Meeting | XSS-Worms |
2006-11-11 | Chapter Meeting | OWASP Switzerland Chapter Kick-Off Meeting |
OWASP Chapter meetings are free and open. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in application security is welcome to attend. We encourage attendees to give short presentations about specific topics.
Our main topics are:
- DevOps
- Security testing
- Secure development
- Hacking
- Secure Architectures
If you would like to give a presentation (make sure that you have read and understood the speaker agreement), or have any questions about the OWASP Switzerland Chapter, send an email to Robert Schneider.
Help us to make application security visible and become a supporter of OWASP or our Chapter in Switzerland. All information about becoming a member/sponsor can be found here.
If your company is interested in supporting us directly, please contact Sven Vetsch to talk about the following sponsoring possibilities.
- Chapter Supporter
- Single Meeting Supporter
- Facility Sponsor
- Organization Supporters (allocating 40% of your annual donation to our Chapter)
Here you can find material related to the OWASP Switzerland Chapter.
OWASP Switzerland bylaws (in German)
Download bylaws
OWASP Switzerland Update Presentation (December 13th 2011)
Download Presentation