Difference between revisions of "Cambridge"

(Added 1st speaker slides for 4th April - Leum Dunn)
(Local News)
Line 5: Line 5:
 
==='''Local News'''===
 
==='''Local News'''===
  
'''OWASP Cambridge Chapter “Goats, Droids and Software Chains” Seminar'''
+
'''OWASP Cambridge Chapter Secure Coding Tournament and Seminar Event'''  
  
Tuesday 4th April 2017 17:30 20:30, Lord Ashcroft Building (LAB003), Anglia Ruskin University, Cambridge.
+
Tuesday 12th September 2017 17:00 21:00, Coslett Building COS404/405 & COS124, Anglia Ruskin University, Cambridge.
  
Hosted by the Department of Computing & Technology, Anglia Ruskin University & OWASP (Open Web Application Security Project) Cambridge Chapter
+
Hosted by the Cyber Security & Networking Research Group (Department of Computing & Technology), Anglia Ruskin University & OWASP (Open Web Application Security Project) Cambridge Chapter
  
Buffet & Refreshments kindly sponsored by Sonatype.
+
Secure Code Warrior kindly sponsoring tournament and T-Shirt/Hoodies as Prizes.
  
'''Präsentation'''
+
OWASP Cambridge sponsoring the Beer, OWASP Swag and Other Prizes
  
'''Guest speaker: Bruce Mayhew, OWASP Webgoat Project Leader & Director of Security Research, Sonatype.''' 
+
Pizza kindly sponsored by Anglia Ruskin and Others TBD
  
'''Biography - Bruce Mayhew'''
+
'''OWASP Cambridge – Secure Coding Tournament'''
  
Bruce is the OWASP Project Lead for Webgoat, one of the authors of the SANS GIAC Java Security Certification Exam, and is Director of Security Research and Development at Sonatype with over 20 years of software development experience, 13 years of which have been focused on application security. He has performed code-level security assessments for hundreds of applications, created application security programs and training curriculums for large institutions, and has been a Web Application Security Course instructor for the SANS Institute. Previous roles include IBM with a focus on Static Analysis following the acquisition of Ounce Labs where he was Director for Advanced Security Research.
+
Compete against your peers to become the ‘Secure Code Warrior.
  
'''Abstract – “Webgoat”'''
+
'''''OWASP Cambridge Secure Coding Champion 2017.'''''
  
In Depth Technical overview of OWASP WebGoat, a deliberately insecure web application designed to teach web application security and provide an understanding of security issues by exploiting real vulnerabilities, including Open Source libraries - the project started 10 years ago and has had over 1,000,000 downloads. There are currently over 30 lessons, including those dealing with issues such as Cross-site Scripting (XSS), Access Control, Thread Safety, Hidden Form Field Manipulation, Parameter Manipulation, Weak Session Cookies, Blind SQL Injection, Numeric SQL Injection, String SQL Injection, Web Services and Fail Open Authentication.
+
'''Secure Coding tournament – what is it all about?'''
  
'''Guest Speaker:  Leum Dunn CISSP C|EH CISMP MBCS, Redacted'''
+
Join this live interactive tournament which is sure to be a fun, challenging learning experience for all.  Whether you are eager to prove your web application AppSec knowledge of the OWASP Top 10 and more…. and watch as you climb to the top of the leaderboard or simply want to learn more about how to code more securely – everyone is welcome and there will be prizes / SWAG for the winner(s). 
  
'''Biography:''' Leum Dunn
+
Participants are presented with any of three kinds of vulnerable code challenges - identify the problem, locate the insecure code, and fix the vulnerability. Gamification helps
to make the exercise a fun, engaging and interactive experience. Participants can select from various software languages to complete the tournament, including:
  
Leum specialises in endpoint security and works for REDACTED in the East of England.
+
Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django & Node.Js.  
  
'''Abstract: “A day in the life of a script kiddie – pwning Android for the lulz”'''
+
'''Who should take part?'''
  
This informal talk aims to demonstrate the sort of access an attacker of only modest skill could get to an Android device. Useful to anyone with an interest in security or who is considering a BYOD policy for their company. Very little technical knowledge is required and Leum encourages questions throughout.
+
Any developer with an interest in secure coding!
  
'''Guest Speaker: Brian Fox, Chief Technical Officer, Sonatype'''
+
In past tournaments, developers from varying levels of experience, skill levels and various job roles have competed, but all have a common interest in security and the future of security.
  
'''Biography: Brian Fox'''
+
The aim of this event is to connect the OWASP Cambridge Chapter in a more open and engaging setting. Security experts will be on-hand to chat and help people during the event.
  
Brian is Chief Technical Officer at Sonatype. He has extensive open source experience as a member of the Apache Software Foundation and former Chair of the Apache Maven project. Brian was a direct contributor to the Maven ecosystem, including the maven-dependency-plugin and maven-enforcer-plugin. He has over 15 years of experience driving the vision behind, as well as developing and leading the development of software for organisations ranging from startups to large enterprises. Brian is a frequent speaker at national and regional events including Java User Groups and other development related conferences.
+
Guaranteed to be a fun and insightful evening!
  
'''Abstract – “Secure Supply Chains”'''
+
'''Why should I take part?'''
  
Today, more and more open source is consumed by developers. We saw last week when Apache disclosed the latest Struts2 vulnerability with a CVSS score of 9.8, that we need to ensure that we are consuming secure open source libraries in our software development processes - we should treat it as a supply chain. We studied the patterns and practices exhibited by 3,000 high-performance software development organisations, teams around the world are consuming BILLIONS of open source and third-party components. The good news: they are accelerating time to market. The bad news: 1 in 17 components they are using include known security vulnerabilities. This session aims to enlighten application security and development professionals by sharing results from the State of the Software Supply Chain Report -- a blend of public and proprietary data with expert research and analysis, specifically:
+
Becoming the first ever OWASP Cambridge Secure Code Champion should be enough to whet the appetite. However, there will also be prizes, pizza and beer on hand. It is a great opportunity to test your skill levels and have fun on the Secure Code Warrior platform, connect with like-minded folks interested in secure coding and get industry insight from Peter Lawrey’s keynote speech – all free of charge.
  
·      What our analysis of 25,000 applications reveals about the quality and security of software built with open source components?
+
'''Why is Secure Coding a big deal?'''
  
·      How organizations like Exxon, Capital One and Intuit are utilising the principles of software supply chain automation to improve application security?
+
If you look at some of the most significant breaches over the last four years, Capgemini, Amazon, Yahoo and more locally the NHS, the common attack vector was vulnerable code. The striking reality is that these were not zero day vulnerabilities with no immediate remediation’s, these attacks targeted known vulnerabilities with known remediation.
  
·      Why avoiding open source components over 3 years old might be a really good idea?
+
As companies move to more agile development, more and more code releases occur daily, if not, on an hourly basis. It is paramount that developers writing the code become the first line of defense. But, for this to happen, developers must build their secure coding skillset. Once a developer builds those skills, they will start to write less vulnerabilities and reduce the possible attack surface of their organisation. From an agility and cost point of view, if less vulnerabilities are included from the start of the SDLC, the organization can save money and precious time – truly enabling agile performance.
  
·      How to balance the need for speed with quality and security -- early in the development lifecycle?
+
'''Prizes:'''
  
Also listen to Brian talk about the struts 2 vulnerability announcement, how you can determine if you're affected, what you can do about it and how a secure supply chain would mitigate the risk.
+
1<sup>st</sup> Prize Raspberry Pi Kit, Hoodie & OWASP Swag (TBD)
 +
 
 +
2<sup>nd</sup> Prize Hoodie/T Shirt & OWASP Swag
 +
 
 +
Plus Other T-Shirts
 +
 
 +
Student 1<sup>st</sup> Prize
 +
 
 +
Free Entry to Cambridge Wireless’s “Inclusive Innovation Conference” 19<sup>th</sup> September at the Bradfield Centre, Cambridge Science Park (worth £75)
 +
 
 +
<nowiki>http://www.cambridgewireless.co.uk/InclusiveInnovation/</nowiki>
 +
 
 +
Many other Prizes!!
 +
 
 +
'''Please ensure you bring your laptop (not a tablet) to take part.'''
 +
 
 +
'''Presentation'''
 +
 
 +
'''Guest Speaker: Peter Lawrey – CEO at Higher Frequency Trading Ltd & Chronicle Software'''
 +
 
 +
'''Biography: Peter Lawrey'''  
 +
 
 +
 Peter Lawrey likes to inspire developers to improve the craftmanship of their solutions, engineer their systems for simplicity and performance, and enjoy their work more by being creative and innovative.
 +
 
 +
He has a popular blog “Vanilla Java” which gets 120K page views per months, is 3rd on StackOverflow.com for [Java] and 2nd for [concurrency], and is lead developer of the OpenHFT project which includes support for off heap memory, thread pinning and low latency persistence and IPC (as low as 100 nano-seconds)
 +
 
 +
'''Abstract – “Secure Coding Challenges ” TBC'''
  
 
'''Background'''
 
'''Background'''
  
 
OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organisation focused on improving the security of application software. Their mission is to make application security visible, so that people and organisations can make informed decisions about true application security risks.
 
OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organisation focused on improving the security of application software. Their mission is to make application security visible, so that people and organisations can make informed decisions about true application security risks.
 +
 +
The '''Cyber Security and Networking (CSN)''' research group has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research.  We have strong international links with professional organizations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others. The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber-attacks and educate its users for a more secure cyberspace and operational business environment.  These will be achieved through the investigation of threats posed to information systems, understanding the impact of attacks and creation of cyber-based warning systems which include gathering threat intelligence, automate threat detection, alert users and neutralize attacks.  For network security we are researching securing the next generation of software defined infrastructures from the application API and control/data plane attacks. Other key work includes computer forensic analysis, digital evidence crime scenes and evidence visualisation as well as cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs.
  
 
The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop and a local Information Security Student Society.
 
The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop and a local Information Security Student Society.
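Review bot: The added Cyber Security and Networking paragraph introduces the group as "(CSN)" and then refers to it as "CSNRG" in the sentence on its primary aims; use one abbreviation throughout. In the same paragraph, "gathering threat intelligence, automate threat detection, alert users and neutralize attacks" mixes verb forms and should read "automating ..., alerting ... and neutralizing ...". The unchanged Background line "OWASP (Open Web Application Security Project is a 501(c)(3)" is also missing its closing parenthesis and could be fixed in the same edit.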
Line 63: Line 91:
 
'''Agenda'''
 
'''Agenda'''
  
17:30 – 17:45 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Course Leader in Information Security & Forensic Computing, Anglia Ruskin University
+
17:00 – 17:45: Pizza/Beer & Networking in COS 404/405
 +
 
 +
17:45 – 18:00: Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Course Leader in Information Security & Forensic Computing, Anglia Ruskin University
  
17:45 - 18:30 Talk from Bruce Mayhew, Sonatype & OWASP Project Leader “Webgoat"
+
18:00 – 18.45: Talk from Peter Lawrey CEO of Higher Frequency Trading Ltd & Chronicle Software
  
18:30 - 19:15 Talk from Leum Dunn, Redacted, “A day in the life of a script kiddie – pwning Android for the lulz”
+
18:45 – 19.00: Registration/on-boarding of participants to the SCW platform.
  
19:15 – 20:00 Talk from Brian Fox, Sonatype, “'''Secure Supply Chains”'''
+
19:00 – 21.00* Tournament
  
20:00 – 20:30 Refreshments & Networking in LAB006 (Kindly sponsored by Sonatype)
+
•15 minutes at end to wrap up and hand out prizes
  
 
'''Registration'''
 
'''Registration'''
  
To register for this free event, please register online at
+
To register for this free event, please register online [https://www.eventbrite.com/e/owasp-cambridge-chapter-securing-coding-tournament-and-seminar-event-tickets-37160302465 here]
 
 
<nowiki>https://www.eventbrite.com/e/owasp-cambridge-chapter-goats-droids-and-software-chains-seminar-tickets-32973431421</nowiki>
 
  
The meeting will be held in the Lord Ashcroft Building, Room LAB003 (Breakout Room LAB006 for networking & refreshments).
+
The networking and refreshments will be held in Coslett Building (Room COS404/405 on the 4<sup>th</sup> Floor) whilst the following talk and tournament will be held in the Coslett Building Large Lecture theatre, Room COS124
  
 
Please enter through the Helmore Building and ask at reception.
 
Please enter through the Helmore Building and ask at reception.
  
Anglia Ruskin University, Cambridge Campus
+
There will be a reception desk on the ground floor of Coslett Building
  
East Road
+
Anglia Ruskin University,
  
Cambridge CB1 1PT
+
Cambridge Campus
  
Get further information on travelling to the university.
+
East Road
  
<nowiki>http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/ca</nowiki> mbridge_campus/find_cambridge.html
+
Cambridge
----
 
'''Planned dates for upcoming events'''
 
  
 +
CB1 1PT
  
Thursday 19th January 2017
+
Get further information on travelling to the university [http://www.anglia.ac.uk/ruskin/en/home/your_university/anglia_ruskin_campuses/ca&#x20;mbridge_campus/find_cambridge.html here] .
  
Wednesday 25th January 2017
+
To find the Cambridge East Road Campus please see the following [http://www.anglia.ac.uk/~/media/Files/campus-and-city-maps/cambridge-city-centre-map.pdf?la=en map]
  
Tuesday 7th February 2017
+
The Coslett building is at the rear of the campus, also accessible from the Mill Road entrance ([http://www.anglia.ac.uk/~/media/Files/campus-and-city-maps/cambridge-campus-map-jul2017.pdf?la=en see campus map]).
  
Tuesday 7th March 2017
+
----
 
+
'''Planned dates for upcoming events'''
Tuesday 4th April 2017
+
{| class="wikitable"
<!-- second tab -->
+
|Cambridge_OWASP  Event 20170927 - Secure Coding Challenge
 +
|11/09/2017
 +
|-
 +
|Cambridge_OWASP Event 20171010 - Web Application  Firewalls
 +
|03/10/2017
 +
|-
 +
|Cambridge_OWASP/BCS Cybercrime Forensics & Social Media  Forensics Day Event
 +
|11/10/2017
 +
|-
 +
|Cambridge_OWASP & BCS East Anglia Event - GDPR Evening
 +
|07/11/2017
 +
|-
 +
|Cambridge_OWASP & UK Cyber Security Forum GDPR Event  20171115
 +
|15/11/2017
 +
|-
 +
|Cambridge_OWASP Event 20171205
 +
|05/12/2017
 +
|-
 +
|Cambridge_OWASP & BCS Cybercrime Forensics/IoT Forensics  Security Day 20180110/11
 +
|10/01/2018 or 11/01/2018
 +
|-
 +
|Cambridge_OWASP & UK Cyber Security Forum Cyber Machine  Learning Day 20180118/19
 +
|18/01/2018,
 +
|-
 +
|Cambridge_OWASP Event
 +
|13/02/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|13/03/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|10/04/2018
 +
|-
 +
|Cambridge_OWASP Event
 +
|08/05/2018
 +
|}
  
 
= Past Events =
 
= Past Events =
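Review bot: The added travel link on the "Get further information on travelling to the university" line keeps the stray "&#x20;" inside the URL (".../ca&#x20;mbridge_campus/..."), so the link target is split mid-path; remove the encoded space so the path reads "cambridge_campus". In the added agenda, "19:00 – 21.00* Tournament" marks a footnote with "*" but the footnote line begins with "•", and the times mix "18:00" with "18.45"; use "*" on the footnote and one time separator. The first row of the added table is named "Event 20170927 - Secure Coding Challenge" but dated 11/09/2017, while the announcement gives Tuesday 12th September 2017; confirm which date is intended. The retained "Please enter through the Helmore Building and ask at reception." now sits next to the added "There will be a reception desk on the ground floor of Coslett Building", so say which entrance attendees should use.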

Revision as of 14:15, 29 August 2017

OWASP Cambridge

Welcome to the Cambridge chapter homepage. The chapter leaders are Adrian Winckles and Steven van der Baan.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Donate to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join now.


Local News

OWASP Cambridge Chapter Secure Coding Tournament and Seminar Event

Tuesday 12th September 2017 17:00 – 21:00, Coslett Building COS404/405 & COS124, Anglia Ruskin University, Cambridge.

Hosted by the Cyber Security & Networking Research Group (Department of Computing & Technology), Anglia Ruskin University & OWASP (Open Web Application Security Project) Cambridge Chapter

Secure Code Warrior kindly sponsoring tournament and T-Shirt/Hoodies as Prizes.

OWASP Cambridge sponsoring the Beer, OWASP Swag and Other Prizes

Pizza kindly sponsored by Anglia Ruskin and Others TBD

OWASP Cambridge – Secure Coding Tournament

Compete against your peers to become the ‘Secure Code Warrior.’

OWASP Cambridge Secure Coding Champion 2017.

Secure Coding tournament – what is it all about?

Join this live interactive tournament, which is sure to be a fun, challenging learning experience for all. Whether you are eager to prove your web application AppSec knowledge of the OWASP Top 10 and more, watching as you climb to the top of the leaderboard, or simply want to learn more about how to code more securely – everyone is welcome and there will be prizes / SWAG for the winner(s).

Participants are presented with any of three kinds of vulnerable code challenges: identify the problem, locate the insecure code, and fix the vulnerability. Gamification helps to make the exercise a fun, engaging and interactive experience. Participants can select from various software languages to complete the tournament, including:

Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django & Node.js.

Who should take part?

Any developer with an interest in secure coding!

In past tournaments, developers from varying levels of experience, skill levels and various job roles have competed, but all have a common interest in security and the future of security.

The aim of this event is to connect the OWASP Cambridge Chapter in a more open and engaging setting. Security experts will be on-hand to chat and help people during the event.

Guaranteed to be a fun and insightful evening!

Why should I take part?

Becoming the first ever OWASP Cambridge Secure Code Champion should be enough to whet the appetite. However, there will also be prizes, pizza and beer on hand. It is a great opportunity to test your skill levels and have fun on the Secure Code Warrior platform, connect with like-minded folks interested in secure coding and get industry insight from Peter Lawrey’s keynote speech – all free of charge.

Why is Secure Coding a big deal?

If you look at some of the most significant breaches over the last four years (Capgemini, Amazon, Yahoo and, more locally, the NHS), the common attack vector was vulnerable code. The striking reality is that these were not zero-day vulnerabilities with no immediate remediation; these attacks targeted known vulnerabilities with known remediation.

As companies move to more agile development, more and more code releases occur daily, if not hourly. It is paramount that developers writing the code become the first line of defense. But, for this to happen, developers must build their secure coding skillset. Once a developer builds those skills, they will start to write fewer vulnerabilities and reduce the possible attack surface of their organisation. From an agility and cost point of view, if fewer vulnerabilities are included from the start of the SDLC, the organization can save money and precious time – truly enabling agile performance.

Prizes:

1st Prize Raspberry Pi Kit, Hoodie & OWASP Swag (TBD)

2nd Prize Hoodie/T Shirt & OWASP Swag

Plus Other T-Shirts

Student 1st Prize

Free Entry to Cambridge Wireless’s “Inclusive Innovation Conference” 19th September at the Bradfield Centre, Cambridge Science Park (worth £75)

http://www.cambridgewireless.co.uk/InclusiveInnovation/

Many other Prizes!!

Please ensure you bring your laptop (not a tablet) to take part.

Presentation

Guest Speaker: Peter Lawrey – CEO at Higher Frequency Trading Ltd & Chronicle Software

Biography: Peter Lawrey

Peter Lawrey likes to inspire developers to improve the craftsmanship of their solutions, engineer their systems for simplicity and performance, and enjoy their work more by being creative and innovative.

He has a popular blog, “Vanilla Java”, which gets 120K page views per month, is 3rd on StackOverflow.com for [Java] and 2nd for [concurrency], and is lead developer of the OpenHFT project, which includes support for off-heap memory, thread pinning and low-latency persistence and IPC (as low as 100 nanoseconds).

Abstract – “Secure Coding Challenges” TBC

Background

OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organisation focused on improving the security of application software. Their mission is to make application security visible, so that people and organisations can make informed decisions about true application security risks.

The Cyber Security and Networking (CSN) research group has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research. We have strong international links with professional organizations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others. The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber-attacks and educate its users for a more secure cyberspace and operational business environment. These will be achieved through the investigation of threats posed to information systems, understanding the impact of attacks and the creation of cyber-based warning systems, which include gathering threat intelligence, automating threat detection, alerting users and neutralizing attacks. For network security we are researching how to secure the next generation of software-defined infrastructures against application API and control/data plane attacks. Other key work includes computer forensic analysis, digital evidence crime scenes and evidence visualisation, as well as cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programs.

The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing an MSc Information Security specialising in Application Security and, as part of this activity, it is looking to develop a local Information Security Student Society.

Agenda

17:00 – 17:45: Pizza/Beer & Networking in COS 404/405

17:45 – 18:00: Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Course Leader in Information Security & Forensic Computing, Anglia Ruskin University

18:00 – 18:45: Talk from Peter Lawrey, CEO of Higher Frequency Trading Ltd & Chronicle Software

18:45 – 19:00: Registration/on-boarding of participants to the SCW platform.

19:00 – 21:00*: Tournament

* 15 minutes at end to wrap up and hand out prizes

Registration

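To register for this free event, please register online at https://www.eventbrite.com/e/owasp-cambridge-chapter-securing-coding-tournament-and-seminar-event-tickets-37160302465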

The networking and refreshments will be held in Coslett Building (Room COS404/405 on the 4th Floor) whilst the following talk and tournament will be held in the Coslett Building Large Lecture theatre, Room COS124

Please enter through the Helmore Building and ask at reception.

There will be a reception desk on the ground floor of Coslett Building

Anglia Ruskin University,

Cambridge Campus

East Road

Cambridge

CB1 1PT

Get further information on travelling to the university here.

To find the Cambridge East Road Campus please see the following map

The Coslett building is at the rear of the campus, also accessible from the Mill Road entrance (see campus map).


Planned dates for upcoming events

Event | Date
Cambridge_OWASP Event 20170927 - Secure Coding Challenge | 11/09/2017
Cambridge_OWASP Event 20171010 - Web Application Firewalls | 03/10/2017
Cambridge_OWASP/BCS Cybercrime Forensics & Social Media Forensics Day Event | 11/10/2017
Cambridge_OWASP & BCS East Anglia Event - GDPR Evening | 07/11/2017
Cambridge_OWASP & UK Cyber Security Forum GDPR Event 20171115 | 15/11/2017
Cambridge_OWASP Event 20171205 | 05/12/2017
Cambridge_OWASP & BCS Cybercrime Forensics/IoT Forensics Security Day 20180110/11 | 10/01/2018 or 11/01/2018
Cambridge_OWASP & UK Cyber Security Forum Cyber Machine Learning Day 20180118/19 | 18/01/2018,
Cambridge_OWASP Event | 13/02/2018
Cambridge_OWASP Event | 13/03/2018
Cambridge_OWASP Event | 10/04/2018
Cambridge_OWASP Event | 08/05/2018

Past Events

Date | Name / Title | Link
4 April 2017 | Leum Dunn - Redacted | presentation
7 March 2017 | Andrew Thompson - Checkmarx | presentation
7 March 2017 | John Haine IoT Security Foundation (Chair) | presentation
25 Jan 2017 | Nick Alston CBE / PIER Chair | presentation
25 Jan 2017 | Mark Pearce / 7Safe/PA Consulting | presentation
25 Jan 2017 | Martin Cassey / Nascenta | presentation
25 Jan 2017 | Paul Rowley FBCS / Havebury Housing Association | presentation
25 Jan 2017 | Laurence Kaleman / Legal Director, Olswang | presentation
25 Jan 2017 | Tony Drewitt / Head of Consultancy - IT Governance | presentation
19 Jan 2017 | Tony Drewitt / Head of Consultancy - IT Governance | presentation
19 Jan 2017 | Peter Yapp / NCSC Deputy Director - Incident Response | presentation
19 Jan 2017 | Martin Cassey / Nascenta | presentation
10 Nov 2016 | Graham Rymer / University of Cambridge |
10 Nov 2016 | Mark Wickenden |
12 05 2016 | Phil Cobley / Modern Policing & the Fight Against Cyber Crime | presentation
12 05 2016 | Jules Pagna Disso / Building a resilient ICS | presentation
08 03 2016 | Andrew Lee-Thorp / So you want to use a WebView? Android WebView: Attack and Defence |
10 11 2015 | Steve Lord / Trying (and failing) to secure the Internet of Things |
 | John Mersh / Software and System Security: a life vest in the IoT ocean |
10 Oct 2015 | Sumit "sid" Siddharth / Some neat, new and ridiculous hacks from our vault |
10 Feb 2015 | Steven van der Baan / Web Application Security Testing with Burp Suite |
2 December 2014 | Colin Watson / OWASP Cornucopia |
21 October 2014 | Eireann Leverett | presentation
1st April 2014 | Ian Glover (CREST) / Overview of the CREST activities to professionalise the industry. |
 | Yiannis Chrysanthou (KPMG) / Modern Password Cracking |
 | Damien King (KPMG) / Filename Enumeration with TildeTool |
12th November 2013 | Paul Cain / Tracking Data using Forensics |
12th November 2013 | James Forshaw / The Forger's Art: Exploiting XML Digital Signature Implementations | presentation
5th March 2013 | Sarantis Makoudis / Android (in)Security | presentation
5th March 2013 | Nikhil Sreekumar / Power On, Powershell | presentation