This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Delhi NCR"
(Jan meet updated) (Tag: Visual edit) |
(Feb meet page details updated) (Tag: Visual edit) |
||
| Line 30: | Line 30: | ||
= '''Upcoming Meeting/Event(s)''' = | = '''Upcoming Meeting/Event(s)''' = | ||
| − | + | February 2018 meet on February '''24, 2018 (Saturday) - 11:00 am''' | |
'''Note''' - OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meetup | '''Note''' - OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meetup | ||
| Line 36: | Line 36: | ||
'''Note''' - This is a combined meetup with null Delhi Chapter | '''Note''' - This is a combined meetup with null Delhi Chapter | ||
| − | For '''Registration/RSVP''' please click [https://null.co.in/events/ | + | For '''Registration/RSVP''' please click [https://null.co.in/events/420-delhi-null-delhi-meet-24-february-2018-combined-null-owasp-meet Here] |
'''Session Details/Agenda:''' | '''Session Details/Agenda:''' | ||
---------------------- | ---------------------- | ||
| − | '''11: | + | '''11:15 am - 11:30 am:''' Introductions & Chapter Updates |
| − | '''11: | + | '''11:30 am - 11:45 am:''' InfoSec News Bytes |
| − | '''11: | + | '''11:45 am - 12:30 pm:''' WiFi Security Beyond Password Cracking by '''Mohit Kumar Rajain''' |
| − | '''12:30 pm - 12: | + | '''12:30 pm - 12:50 am:''' Tea/Coffee/Networking Break |
| − | ''' | + | '''01:00 pm - 01:50 pm:''' AppSec Testing Beyond Pen Test by '''Bhushan Gupta''' |
| − | ''' | + | '''02:00 pm - 02:15 pm:''' Feedback and Topic Discussion for Next Month |
| − | '''When:''' | + | '''When:''' February 24th, 2018 (Saturday) - 11:00 am (Please be on time) |
| − | '''Where:''' | + | '''Where:''' Sapient |
| − | + | Unitech Infospace SEZ | |
| − | + | Tower-B (Unit 1 Cafeteria), Building No-8 | |
| − | + | Sector 21, | |
| − | + | Old Delhi - Gurgaon Road | |
| − | + | Dundahera, Gurgaon 122016 | |
| − | + | Haryana, India | |
| − | + | '''How to reach venue:''' Take Rapid Metro from Sikanderpur Metro station to Vodafone Belvedere Towers (2nd Stop). A free shuttle operates from the entry gate of the metro station to Udyog Vihar every 5 minutes. It drops at exit gate no. 2 of Infospace. The shuttle takes around 15 minutes to reach the venue. | |
| + | '''Nearest Landmark:''' Trident Hotel.(Straight from Trident Hotel towards Dundahera Village and left from T Point, Unitech building will be on the right. RBS and Amdocs offices are in the same complex.) | ||
| + | |||
| + | '''Nearest Metro Stations:''' | ||
| + | |||
| + | · IndusIand Bank Cyber City Rapid Metro Station | ||
| + | |||
| + | · MG Road Metro Station | ||
| + | |||
| + | · Sikanderpur Metro Station | ||
| + | |||
| + | Important Note - Please carry an ID proof along with you which will be required for Security check | ||
| + | |||
| + | '''<br> | ||
| + | Talk Details:''' | ||
| + | |||
| + | '''AppSec Testing Beyond Pen Test by Bhushan Gupta''' | ||
| + | |||
| + | '''Abstract:''' Web application security has a broad scope that spans from network communication to browser behaviors to backend applications and finally to database servers. Validating security of all these components can be a daunting task and take a considerable effort. Penetration is the most prevalent testing method used today for validating web application security. The question is, “does it cover all the basis?” Penetration testing is a black-box type testing that a QA engineer applies from the hacker’s perspective. While it provides a comfort level, it does not ensure that the application has been developed with security in mind and that it meets the three basic requirements of security namely, Confidentiality, Integrity, and Availability (CIA). The CIA framework builds intrinsic security and thus ensures an increased confidence level. This framework should be complemented with the penetration testing. | ||
| + | |||
| + | This talk focuses on how to align the security validation of a web application with the three basic elements of security namely, Confidentiality, Integrity, and Availability (CIA). The test effectiveness can be achieved by analyzing the requirements of each element and identifying the potential breaches that can compromise each element. The efficiency should be built by relating these breaches with the known OWASP Top 10 and other vulnerabilities and, leveraging that knowledge to identify the testing approach - static and dynamic throughout the SDLC. | ||
| + | |||
| + | '''Bio:''' Bhushan Gupta is a Principal consultant at Gupta Consulting LLC., Bhushan Gupta is passionate about development methods and tools that yield more secure web applications especially in the agile software development environment. As a researcher, he has a keen interest in understanding and applying fundamental principles and known methodologies to develop dependable and secure software solutions. His interests extend to Social Engineering and Attack Surface Analysis. Bhushan worked at Hewlett-Packard for 13 years in various roles including software quality lead, engineer, software process architect, and software productivity manager. He then developed a strong interest in web application security while working as a quality engineer for Nike Inc. Bhushan has been studying various facets of web application security and promoting how to apply common sense approach to build secure solutions. He is a certified Six Sigma Black Belt (HP and ASQ) and an adjunct faculty member at the Oregon Institute of Technology in Software Engineering. To learn more about Bhushan’s contributions to SDLC, visit www.bgupta.com | ||
| + | |||
| + | '''WiFi Security Beyond Password Cracking''' | ||
| + | |||
| + | '''Abstract:''' The speaker will demonstrate the following attacks on wifi networks: | ||
| + | |||
| + | 1. Packet injection in protocols such as DHCP, DNS, etc. | ||
| + | |||
| + | 2. Phishing wifi clients using captive portal | ||
| + | |||
| + | '''Bio:''' Mohit is a Network security Enthusiast and Final Year Btech ( ECE ) student @ NIT Delhi | ||
= '''Stay Updated''' = | = '''Stay Updated''' = | ||
Revision as of 19:37, 14 February 2018
About
The OWASP Delhi Chapter meetings are FREE and OPEN to anyone interested in learning more about information security. We conduct regular (mostly monthly) meetings covering Noida, Gurgaon, and Delhi region.
OWASP Delhi
Welcome to the Delhi chapter homepage. The chapter leaders are Vaibhav Gupta and Sandeep Singh
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Chapter Sponsors
Some of the organizations supporting OWASP Delhi/NCR chapter are below:
Adobe
Sapient
Bharti Airtel
Thought Works
null - the open Security community
For more information on how to support OWASP Delhi chapter in helping organize free and open security meets contact the chapter leaders
Become a Presenter
Submit your talk now for an upcoming OWASP Delhi/NCR Chapter Meeting
Join Discussions on Slack
Link to OWASP Delhi chapter Channel
In case you are not on slack, the registration URL is (requires email only): https://owasp.herokuapp.com
