(87 intermediate revisions by 9 users not shown) |
Line 1: |
Line 1: |
− | {{Chapter Template|chaptername=Leeds UK|extra= | + | {{Inactive Chapter}} |
− | | |
− | This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute.
| |
− | | |
− | Details of your chapter Board members can be found here [[Leeds_UK_chapter_leaders]]
| |
− | | |
− | | |
− | | |
− | | |
| | | |
| + | {{Chapter Template|chaptername=Leeds UK|extra=The chapter leader position is '''OPEN'''. |
| |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}} | | |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}} |
− |
| |
− | <paypal>Leeds_UK</paypal>
| |
− |
| |
− |
| |
− | == 2010 Planned Meetings ==
| |
− |
| |
− | June 16th
| |
− |
| |
− | September 15th
| |
− |
| |
− | December 8th
| |
− |
| |
− | == Next Meeting ==
| |
− | '''Date:''' Wednesday 17th March
| |
− |
| |
− | '''Location:''' Novotel Leeds, 4 Whitehall quay, Leeds, LS1 4HR
| |
− |
| |
− | '''Schedule:'''
| |
− |
| |
− | '''18:00 for 18:15 start'''
| |
− |
| |
− | '''18:15 - 18:30'''
| |
− |
| |
− | OWASP Chapter introduction. OWASP values. Chapter information.
| |
− |
| |
− | OWASP Leeds Chapter Board
| |
− |
| |
− | '''18:30 - 19:00'''
| |
− |
| |
− | Introduction to DVWA (Damn Vulnerable Web Application)
| |
− |
| |
− | Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. More information regarding Ryan and DVWA can be found on his personal blog http://www.ethicalhack3r.co.uk or on the official DVWA homepage http://www.dvwa.co.uk/
| |
− |
| |
− | Ryan Dewhurst - Lead developer and creator of DVWA
| |
− |
| |
− | '''19:00 - 19:45'''
| |
− |
| |
− | Empirical Software Security Assurance
| |
− |
| |
− | ‘Empirical Software Security Assurance’ that compares and contrasts the approach to application security taken by 9 leading European companies along with practical tips that can be applied to any organisation regardless of scale.
| |
− |
| |
− | David Anumudu - Software Security Consultant for Fortify Software EMEA
| |
− |
| |
− |
| |
− | '''19:45 - 20:30''' - (if time permits)
| |
− |
| |
− | Attacking Web Services
| |
− |
| |
− | Companies worldwide are deploying SOA infrastructure using web services both in intranet and extranet environments. While web services offer many advantages over traditional alternatives they are often over looked when it comes to security. This presentation hopes to educate the audience about web services and their potential vulnerabilities. Also included (technology gremlins permitting) will be some attack vector demonstrations.
| |
− |
| |
− | Jason Alexander - OWASP Leeds Board Member.
| |
− |
| |
− | '''20:30'''
| |
− |
| |
− | Finish/Networking
| |
− |
| |
− | Don't forget to RSVP via the eventbrite website. http://www.eventbrite.com/event/604010612
| |
− |
| |
− | == Past Events ==
| |
− |
| |
− |
| |
− | '''Date:''' 14th October 6:00pm
| |
− |
| |
− | '''Location:''' Leeds Novotel, 4 Whitehall, Whitehall Quay, Leeds, LSI 4HR.
| |
− |
| |
− | '''Schedule:'''
| |
− |
| |
− | 6:00pm - 6:15pm Registration & refreshments
| |
− |
| |
− | 6:15pm - 6:30pm OWASP Leeds Chapter Presentation - Jason Alexander
| |
− |
| |
− | ''Introduction to OWASP and its charter. Leeds Chapter details.''
| |
− |
| |
− | 6:30pm - 7:30pm "The right way to secure Oracle" - Pete Finnigan
| |
− |
| |
− | ''The talk covers the process of securing an Oracle deatabase but with a proper focus to the task rather than simply following a checklist. A checklist is fine for general hardening but not for securing data as there is no method to ensure that the data that must be protected has indeed been protected.''
| |
− |
| |
− | 7:30pm - 8:30pm "SQL Injection - how far does the rabbit hole go? " - Justin clarke
| |
− |
| |
− | ''SQL Injection has been around for over 10 years, and yet it is still to this day not truly understood by many security professionals and developers. With the recent mass attacks against sites across the world it has again come to the fore of vulnerabilities under the spotlight, however many consider it to only be a data access issue, or parameterized queries to be a panacea. Explore some of the deeper, darker danger areas of SQL Injection, hybrid attacks, and exploiting obscure database functionality, and what we could possibly expect to see next out of this venerable application security issue.''
| |
− |
| |
− |
| |
− | '''Speaker Bio's'''
| |
− |
| |
− | ''Jason Alexander''
| |
− |
| |
− | Currently a Security Specialist working for the NHS Technology Office. Jason has over 8 years of information security experience in a variety of business and public sectors from ISP's to goverment. Jason has a keen interest in web application and web services security and is the Leeds Chapter Leader.
| |
− |
| |
− | ''Pete Finningan''
| |
− |
| |
− | Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com
| |
− |
| |
− | ''Justin Clarke''
| |
− |
| |
− | Justin has over 12 years experience in testing the security of networks, web applications and wireless networks for large financial, retail and technology clients from all around the globe. Justin is a contributing author to a number of security books and is the lead author of the book "SQL Injection Attacks and Defense" as well as a speaker at many conferences including Black Hat USA, RSA, SANS and OWASP. He is the author of the open source SQLBrute blind SQL injection exploitation tool, and is the chapter leader for the London chapter of OWASP. More information regarding Justin can be found on his company website http://www.gdssecurity.com/
| |
| | | |
| | | |
| | | |
− | [[Category:United Kingdom]] | + | [[Category:OWASP Chapter]] |
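Review bot: the final changed line swaps [[Category:United Kingdom]] for [[Category:OWASP Chapter]] instead of adding the new category alongside it, so the page loses its country categorisation; keep both categories. The same revision also deletes the whole "Past Events" section, including the talk abstracts and speaker bios. If the intent is only to mark the chapter inactive and the leader position open, consider moving that history to an archive subpage rather than dropping it.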
Welcome to the Leeds UK chapter homepage. The chapter leader position is OPEN.