This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "New Zealand"
m (→Upcoming Event) |
John dileo (talk | contribs) |
||
(154 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
− | + | __NOTOC__ | |
− | + | == OWASP New Zealand == | |
− | + | Welcome to the OWASP New Zealand chapter homepage. | |
− | + | The chapter leaders are [mailto:kim.carter@owasp.org Kim Carter] (Christchurch), [mailto:kirk.jackson@owasp.org Kirk Jackson] (Wellington), and [mailto:john.dileo@owasp.org John DiLeo] (Auckland). | |
− | == | + | === Keeping in Touch === |
− | ; | + | * Chapter Mailing List (Google Groups): [mailto:[email protected] [email protected]] - [https://groups.google.com/a/owasp.org/forum/#!forum/new-zealand-chapter/join Join the Group] |
+ | * [https://infosecnz.slack.com InfoSecNZ Workspace] on Slack - Be sure to join the #events channel for calendar notices (NOTE: By design, we do not maintain a separate Slack Workspace for the New Zealand chapter) | ||
+ | * Follow us on [https://www.twitter.com/owaspnz Twitter] (@owaspnz) | ||
+ | |||
+ | Some Global OWASP Resources: | ||
+ | * [https://groups.google.com/a/owasp.org/forum/?hl=en#!forumsearch/ Directory of OWASP's Google Groups] | ||
+ | * [https://owasp.slack.com OWASP Workspace] on Slack | ||
+ | |||
+ | == OWASP New Zealand Chapter Board == | ||
+ | |||
+ | We are always looking for additional board members to evangelise the OWASP mission, help with meetings, projects and initiatives. As we all know, it takes time/effort to run a chapter. Please contact us if you are interested in joining the NZ OWASP board, would like to volunteer to help out or create a new Meetup/event, or for any queries related to OWASP NZ. | ||
+ | |||
+ | <ul> | ||
+ | *<b>NZ Board Member (Leader - Christchurch)</b> [mailto:[email protected] Kim Carter] ([https://www.twitter.com/binarymist @binarymist]) | ||
+ | *<b>NZ Board Member (Leader - Auckland)</b> [mailto:[email protected] John DiLeo] ([https://www.twitter.com/gr4ybeard @gr4ybeard]) | ||
+ | *<b>NZ Board Member (Leader - Wellington)</b> [mailto:[email protected] Kirk Jackson] ([https://www.twitter.com/kirkj @kirkj]) | ||
+ | </ul> | ||
+ | |||
+ | <!-- | ||
+ | |||
+ | == Chapter Sponsors == | ||
+ | |||
+ | <table width="100%" border="0" cellspacing="0" cellpadding="0"> | ||
+ | <tr> | ||
+ | <td><center>[http://www.security-assessment.com https://www.owasp.org/images/a/a4/Security-assessment_com.jpeg]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://www.security-assessment.com www.security-assessment.com]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://www.touchpoint.co.nz https://www.owasp.org/images/d/d8/Touchpoint.jpg]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://www.touchpoint.co.nz www.touchpoint.co.nz]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://binarymist.io https://www.owasp.org/images/4/4c/BinaryMistLimited.png]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://binarymist.io binarymist.io]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | --> | ||
+ | |||
+ | = Upcoming Events = | ||
+ | |||
+ | == Local Meetup Links == | ||
+ | |||
+ | * [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/ OWASP New Zealand Chapter-Auckland] | ||
+ | * [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/ OWASP New Zealand Chapter-Christchurch] | ||
+ | * [https://www.meetup.com/OWASP-Wellington/ OWASP New Zealand Chapter-Wellington] | ||
+ | |||
+ | == ''' 2020 ''' == | ||
+ | |||
+ | [[File:NZDay 2020 web banner.jpg|x300px|frameless|link=https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020|Conference Web Banner-2020 OWASP NZ Day]]<br> | ||
+ | '''19 - 21 February 2020''' | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020] - University of Auckland Business School | ||
+ | : One-day conference, with three tracks on Friday, 21 February - Registration is FREE | ||
+ | : Training sessions (half-day, one-day, or two-day) on Wednesday and Thursday, 19 - 20 February - Registration: $325 for half-day; $625 for one-day; $1250 for two-day (plus EventBrite fees) | ||
+ | |||
+ | == ''' 2019''' == | ||
+ | |||
+ | '''10 December 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/257141559/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A7 - Cross-Site Scripting (XSS) - Led by John DiLeo | ||
+ | : '''Presentation:''' TBC | ||
+ | : '''Location:''' Orion Health, 181 Grafton Road, Grafton, Auckland | ||
+ | |||
+ | = Past Events = | ||
+ | |||
+ | == Past Events == | ||
+ | |||
+ | === 2019 === | ||
+ | |||
+ | '''8 October 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/257141543/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A6 - Security Misconfiguration - Led by James Ting-Edwards | ||
+ | : '''Presentation:''' What's In a Name? Law of Agency and Domain Name Registrations - Judy Ting-Edwards | ||
+ | : '''Venue Host:''' Simon White | ||
+ | : '''Location:''' Middleware NZ, 104 Quay Street, CBD, Auckland | ||
+ | <hr /> | ||
+ | <div style="background-color: black;"> | ||
+ | [[File:Logo-security_ac_nz.png|x250px|frameless|link=https://security.ac.nz|Logo for security.ac.nz event]]<br /> | ||
+ | </div> | ||
+ | |||
+ | '''24 - 25 August 2019''' | ||
+ | |||
+ | OWASP NZ is proud to invite you to our first [https://security.ac.nz https://security.ac.nz] event. Please visit the [https://security.ac.nz website] for details. | ||
+ | : '''Registration:''' FREE | ||
+ | : '''Location:''' Maclaurin Lecture Theatres, Victoria University of Wellington | ||
+ | <hr /> | ||
+ | |||
+ | '''13 August 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/257141559/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A9 - Using Components with Known Vulnerabilities - Led by John DiLeo | ||
+ | : '''Technical Discussion:''' Addressing Vulnerable Components with OWASP Projects and Tools - John DiLeo | ||
+ | : '''Location:''' Orion Health, 181 Grafton Road, Grafton, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''10 August 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/262858250/ Auckland Training Day] | ||
+ | : '''Threat Modelling: Getting from None to Done''' - John DiLeo | ||
+ | : '''Registration:''' $125.00 (plus EventBrite fees), inclusive of morning and afternoon tea, lunch, and class materials | ||
+ | : '''Location:''' Orion Health, 181 Grafton Road, Grafton, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''11 June 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/257141477/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A5 - Broken Access Control - Led by John DiLeo | ||
+ | : '''Technical Topic:''' My Recent Adventures at OWASP Conferences - John DiLeo | ||
+ | : '''Location:''' Robert Walters, Level 9, 22 Fanshawe Street, CBD, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''9 April 2019''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/257141431/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A4 - XML External Entities (XXE) - Led by John DiLeo | ||
+ | : '''Open Discussion:''' What do we want to do this year? | ||
+ | : '''Location:''' Orion Health, 181 Grafton Road, Grafton, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2019 https://www.owasp.org/images/e/e3/NZDay_2019_web_banner.jpg]<br> | ||
+ | '''21 - 22 February 2019''' | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2019 OWASP New Zealand Day 2019] - University of Auckland Business School | ||
+ | : One-day conference, with two tracks on Friday, 22 February - Registration is FREE | ||
+ | : Training sessions (half-day or full-day) on Thursday, 21 February - Registration: $500 for full-day; $250 for half-day | ||
+ | <hr /> | ||
+ | |||
+ | === 2018 === | ||
+ | |||
+ | '''11 December 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/249448666/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A2 - Broken Authentication - Led by John DiLeo | ||
+ | : '''Technical Topic:''' Some Thoughts on Threat Modelling - John DiLeo | ||
+ | : '''Location:''' Orion Health, [https://www.google.co.nz/maps/place/181+Grafton+Rd,+Grafton,+Auckland+1010 181 Grafton Road, Grafton, Auckland] | ||
+ | <hr /> | ||
+ | |||
+ | '''29 October 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-Wellington/events/255158934/ Wellington Meetup] | ||
+ | : '''Presentation:''' Make the Cyber Safer with Multi-factor Authentication - Kevin Thomas | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=lAkw24tClvQ] | ||
+ | : '''Location:''' Wellington | ||
+ | <hr /> | ||
+ | |||
+ | '''9 October 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/255158934/ Auckland Meetup] | ||
+ | : '''Technical Topic:''' Integrating the Weakforced Security API - Steve Shipway, SMX Email | ||
+ | : '''Location:''' Cornerstone On-Demand, Level 1, 29 Union Street, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''27 August 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-Wellington/events/253077472/ Wellington Meetup] | ||
+ | : '''Presentation:''' Developer's guide to Deserialization Attack - Felix Shi | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=Gi-Pk255Jyw] | ||
+ | : '''Location:''' Wellington | ||
+ | <hr /> | ||
+ | |||
+ | '''14 August 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/249448651/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A3 - Sensitive Data Exposure - Led by John DiLeo | ||
+ | : '''Presentation:''' Web Application Penetration Testing Demo - Shofe Miraz | ||
+ | : '''Location:''' Orion Health, [https://www.google.co.nz/maps/place/181+Grafton+Rd,+Grafton,+Auckland+1010 181 Grafton Road, Grafton, Auckland] | ||
+ | <hr /> | ||
+ | |||
+ | '''12 June 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/mcvvmpyxgbnb/ Auckland Meetup] | ||
+ | : '''Presentation:''' GDPR and New Zealand Privacy Law - James Ting-Edwards | ||
+ | : '''Location:''' InternetNZ, 62 Victoria Street West, Auckland CBD, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''11 June 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-Wellington/events/250629813/ Wellington Meetup] | ||
+ | : '''Presentation:''' What are certificates? - Matt Cotterell | ||
+ | : '''Location:''' Wellington | ||
+ | <hr /> | ||
+ | |||
+ | '''10 April 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Auckland/events/mcvvmpyxgbnb/ Auckland Meetup] | ||
+ | : '''Top Ten Discussion:''' A1 - Injection - Led by John DiLeo | ||
+ | : '''Presentation:''' OWASP Software Assurance Maturity Model (SAMM) - John DiLeo | ||
+ | : '''Location:''' Orion Health, 181 Grafton Road, Grafton, Auckland | ||
+ | <hr /> | ||
+ | |||
+ | '''28 March 2018''' | ||
+ | |||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/241803609/ Christchurch Meetup] | ||
+ | ;: '''CERT NZ''' | ||
+ | ;: '''Location:''' Christchurch | ||
+ | ;: '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] | ||
+ | <hr /> | ||
+ | |||
+ | ; 26 Feb 2018 | ||
+ | [https://www.meetup.com/OWASP-Wellington/events/246852662/ Wellington Meetup] | ||
+ | : '''CERT NZ - Who are we? How are websites getting hacked in real life? with Declan Ingram''' | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=WhYh-eUqxIA] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented by:''' Declan Ingram | ||
+ | <hr /> | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2018 https://www.owasp.org/images/5/53/NZ_day_2018_web.jpg]<br><br> | ||
+ | '''4 - 5 February 2018''' | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2018 OWASP New Zealand Day 2018] - University of Auckland Business School | ||
+ | : One-day conference, with two tracks on Monday, 5 February - Registration is FREE | ||
+ | : Training session (full-day) on Sunday, 4 February - Registration: $500 | ||
+ | <hr /> | ||
+ | |||
+ | === 2017 === | ||
+ | |||
+ | ; 2 Oct 2017 | ||
+ | [https://www.meetup.com/OWASP-Wellington/events/242968218/ Wellington Meetup] | ||
+ | : '''Presentation:''' Same-origin policy: The core of web security | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=5wFCRANIbdc] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Kirk Jackson | ||
+ | <hr /> | ||
+ | |||
+ | ; 27 Sept 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/241328587/ Christchurch Meetup] | ||
+ | : '''Securing your data (your business) using SQL Server 2016''' | ||
+ | : '''Presented By:''' [https://twitter.com/shantha05 Anupama Natarajan] | ||
+ | : '''Location:''' Christchurch | ||
+ | : '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] | ||
+ | <hr /> | ||
+ | |||
+ | ; 31 July 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/241187473/ Wellington Meetup] | ||
+ | : '''Presentation:''' What is Cross-Site Request Forgery? | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=G1aLGaMqnm0] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Vales Bakaitis | ||
+ | <hr /> | ||
+ | |||
+ | ; 28 June 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/236349292/ Christchurch Meetup] | ||
+ | : '''Web Developer Quiz Night''' | ||
+ | : '''Prepared and Presented By:''' [https://twitter.com/binarymist Kim Carter] | ||
+ | : '''Details:''' [https://binarymist.io/talk/owaspnz-chch-meetup-workshop-quiz-night/ on binarymist.io] | ||
+ | : '''Location:''' Christchurch | ||
+ | : '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] | ||
+ | <hr /> | ||
+ | |||
+ | ; 29 May 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/239202702/ Wellington Meetup] | ||
+ | : '''Presentation:''' Developer's Guide to Preventing XSS | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=0J5Rpf3nNjU] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Felix Shi | ||
+ | <hr /> | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017 https://www.owasp.org/images/6/63/OWASP_NZ_Day_2017_logo.jpg]<br /> | ||
+ | '''19 - 20 April 2017''' | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017 OWASP New Zealand Day 2017] - University of Auckland Business School | ||
+ | : One-day conference, with two tracks on Thursday, 20 April - Registration is FREE | ||
+ | : Training sessions (half-day and full-day) on Wednesday, 19 April | ||
+ | <hr /> | ||
+ | |||
+ | ; 29 March 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/236349292/ Christchurch Meetup] | ||
+ | : '''PHP Hurts Programmers (and other tales)''' | ||
+ | : '''Presented By:''' [https://twitter.com/spronkey Keith Humm] | ||
+ | : '''Slides:''' [https://speakerdeck.com/spronkey/php-hurts-programmers-and-other-tales on speakerdeck] | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] | ||
+ | <hr /> | ||
+ | |||
+ | ; 27 Feb 2017 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/237712167/ Wellington Meetup] | ||
+ | : '''Presentation:''' Building the ultimate login and signup | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=E25KxLKwY-M Youtube] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Matt Cotterell | ||
+ | <hr /> | ||
+ | |||
+ | === 2016 === | ||
+ | |||
+ | ; 29 November 2016 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/233253214/ OWASP NZ Wellington Meetup page] | ||
+ | : '''Presentation:''' OWASP Top Ten - Developing secure web apps (PHP-flavoured) | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=7u08zCz9viU Youtube] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Kirk Jackson | ||
+ | : In conjunction with the [https://www.meetup.com/PHP-Usergroup-Wellington/ PHP user group Wellington] | ||
+ | |||
+ | ; 10 October 2016 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/233954065/ OWASP NZ Wellington Meetup page] | ||
+ | : '''Presentation:''' Introduction to Ruby on Rails security | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=Hez1QYc9yo8 Youtube] | ||
+ | : '''Locations:''' Wellington | ||
+ | : '''Presented By:''' Tim Goddard | ||
+ | : '''Sponsor:''' [https://www.insomniasec.com Insomnia] | ||
+ | |||
+ | ; 28 September 2016 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/232611291/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation / Demo''' Applying Cold War Learnings to our Daily OPSEC | ||
+ | : '''DeadDrop:''' (https://deaddrop.jadeworld.com/) | ||
+ | : '''Github:''' (https://github.com/phage-nz/deaddrop) | ||
+ | : '''Chris's Blog Post:''' (https://bytefog.blogspot.co.nz/2015/09/burn-after-reading.html) | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' [https://twitter.com/phage_nz Chris Campbell] | ||
+ | : '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] and [http://blog.binarymist.net/ BinaryMist] | ||
+ | |||
+ | ; 29 August 2016 | ||
+ | [https://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/232212284/ OWASP NZ Wellington Meetup page] | ||
+ | : '''Presentation:''' Mobile app security: Intro to the OWASP Mobile Top 10 | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=SbXO6wNvOM4 Youtube] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Mike Haworth | ||
+ | |||
+ | ; 29 June 2016 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/229985413/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation / Demo''' Security Regression Testing with ZapAPI and NodeGoat | ||
+ | : '''Teaser:''' (https://youtu.be/DrwXUOJWMoo) | ||
+ | : '''Github:''' (https://github.com/binarymist/NodeGoat/wiki/Security-Regression-Testing-with-Zap-API) | ||
+ | : '''Sourced From:''' Kims Book (https://leanpub.com/holistic-infosec-for-web-developers/read#process-agile-development-and-practices-security-regression-testing) | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' [https://twitter.com/binarymist Kim Carter] | ||
+ | : '''Co-Sponsor:''' [http://www.catalyst.net.nz/ Catalyst] and [http://blog.binarymist.net/ BinaryMist] | ||
+ | |||
+ | ; 27 June 2016 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/232017285/ OWASP NZ Wellington Meetup page] | ||
+ | : '''Presentation:''' Introduction to using a web application firewall | ||
+ | : '''Video:''' [https://www.youtube.com/watch?v=iAPFf9Iqwos Youtube] | ||
+ | : '''Location:''' Wellington | ||
+ | : '''Presented By:''' Graeme Neilson | ||
+ | : '''Sponsor:''' [https://www.redshield.co RedShield] | ||
+ | |||
+ | ; 30 March 2016 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/226227782/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation:''' Qubes OS Discussion (https://www.qubes-os.org) | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' Craig Rowland | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.io/ BinaryMist Limited] | ||
+ | |||
+ | ;3rd and 4th of February 2016 | ||
+ | |||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2016 https://www.owasp.org/images/2/23/OWASP_NZ_Day_2016_logo.jpg]<br><br> | ||
+ | |||
+ | At the University of Auckland School of Commerce | ||
+ | |||
+ | '''Gold Sponsors:''' | ||
+ | <table width="100%" border="0" cellspacing="0" cellpadding="0"> | ||
+ | <tr> | ||
+ | <td><center>[[File:INSOMNIA.PNG|center|300px|link=http://www.insomniasec.com/]]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td><center>[[File:RedShield.png|center|300px|link=https://auraredshield.com/]]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td><center>[http://www.security-assessment.com https://www.owasp.org/images/4/41/SA_Logo_w_DD.gif]</center></td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td><center>[http://www.insomniasec.com Insomnia Security]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td><center>[https://auraredshield.com/ Aura RedShield]</center></td> | ||
+ | <td> </td> | ||
+ | <td> </td> | ||
+ | <td><center>[http://www.security-assessment.com www.security-assessment.com]</center></td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | === 2015 === | ||
+ | |||
+ | ; 25 November 2015 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/225737100/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation:''' UAC, Governance and Managing the External Infosec Audit | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' Drewe Hinkley | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.io/ BinaryMist Limited] | ||
+ | |||
+ | ; 30 September 2015 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/223462991/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Two part Presentation:''' The Exploited and the Exploiters - Case Study of a Real Cyber Hack and Live Demo's from [https://leanpub.com/b/holisticinfosecforwebdevelopers Kims book] | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' Salinda Lekamge and [https://twitter.com/binarymist Kim Carter] | ||
+ | |||
+ | ; 24 June 2015 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/221412721/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation:''' "[http://blog.binarymist.net/presentations-publications/#does-your-cloud-solution-look-like-a-mushroom Does Your Cloud Solution Look Like a Mushroom]". | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' [https://twitter.com/binarymist Kim Carter]. | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.io/ BinaryMist Limited] | ||
+ | |||
+ | ; 25 March 2015 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/219456317/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Presentation:''' Reverse Engineering, Cracking, Compromising Software Security & Mitigations | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' Rob Gilmour, Senior Software Engineer, Technical Support, JADE Software Corporation Ltd. | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.io/ BinaryMist Limited] | ||
+ | |||
+ | ;26th and 27th of February 2015 | ||
+ | |||
+ | [[File:OWASP_NZ_Day_2015_logo_small.png|400px|link=https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2015|26th and 26th February 2015 - University of Auckland Engineering Department | ||
+ | ]] | ||
+ | |||
+ | At the University of Auckland Engineering Department | ||
+ | |||
+ | === 2014 === | ||
+ | |||
+ | |||
+ | ; 26 November 2014 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/209420462/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Workshop:''' Review SSL/TLS, demo sslstrip and mitigation techniques | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' [https://twitter.com/kevinnz Kevin Alcock], [https://twitter.com/katiposec Security Consultant] at [https://katiposec.com/ Katipo Security] | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.net/ BinaryMist Limited] | ||
+ | |||
+ | ; 25 September 2014 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Christchurch/events/198512052/ OWASP NZ Christchurch Meetup page] | ||
+ | : '''Workshop:''' Review, Exploit and Learn from [https://bytefog.blogspot.co.nz/2015/11/lord-of-flies.html Vulnerable Web App] | ||
+ | : '''Locations:''' Christchurch | ||
+ | : '''Presented By:''' [https://twitter.com/t0x0_nz Chris Campbell], Security & Operations Consultant Jade | ||
+ | : '''Co-Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] and [http://binarymist.net/ BinaryMist Limited] | ||
+ | |||
+ | ; 24 July 2014 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter-Wellington/events/193784032/ OWASP NZ Wellington Meetup page] | ||
+ | : '''Workshop:''' Web App Security Workshop | ||
+ | : '''Locations:''' Wellington | ||
+ | : '''Presented By:''' Adrian Hayes | ||
+ | : '''Sponsor:''' [http://www.dimensiondata.com/en-NZ Dimension Data] | ||
+ | |||
+ | === 2013 === | ||
+ | |||
+ | ; 19 December 2013 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter/events/154075992/ Meetup Link Here] | ||
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] and [http://www.touchpoint.co.nz Touchpoint] | ||
+ | : '''Locations:''' Wellington, Auckland, Christchurch, Webcast | ||
+ | : '''Details:''' All details are on the meetup page above | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/9/9f/Extending-Burp-with-Python.pptx Extending Burp with Python] | ||
+ | : '''Presented By:''' Mike Haworth, Aura Information Security | ||
+ | |||
+ | ;11th and 12th of September 2013 | ||
+ | |||
+ | [[File:OWASP_NZ_Day_2013_logo.png|400px|link=https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2013|11th and 12st September 2013 - Auckland Business School | ||
+ | ]] | ||
+ | |||
+ | At the Auckland Business School | ||
+ | |||
+ | [[OWASP New Zealand Day 2013|https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2013]] | ||
+ | |||
+ | |||
+ | ; 22 May 2013 | ||
+ | [http://www.meetup.com/OWASP-New-Zealand-Chapter/events/115108982/ OWASP Meetup page to RSVP] | ||
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] and [http://www.touchpoint.co.nz Touchpoint] | ||
+ | : '''Locations:''' Wellington, Auckland, Webcast | ||
+ | : '''Details:''' All details are on the meetup page above | ||
+ | |||
+ | |||
+ | === 2012 === | ||
+ | |||
+ | ; 31st August 2012 | ||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2012 OWASP New Zealand Day 2012] | ||
+ | : '''Co-Sponsor:''' [http://www.auckland.ac.nz/ The University of Auckland], [http://www.security-assessment.com Security-Assessment.com], [http://www.aurainfosec.com Aura Information Security], [http://www.insomniasec.com Insomnia Security], [http://www.lateralsecurity.com Lateral Security], [http://www.webdrive.co.nz Web Drive] | ||
+ | : '''Location:''' Auckland | ||
+ | : '''Event site:''' [[OWASP_New_Zealand_Day_2012|OWASP New Zealand Day 2012]] | ||
+ | |||
+ | ; 8th May 2012 | ||
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] and [http://www.touchpoint.co.nz Touchpoint] | ||
+ | : '''Locations:''' Wellington, Auckland | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/e/e0/Owasp2012-MarkPiper.pdf An Overview and introduction to modern day BeEF] | ||
+ | : '''Presented By:''' Mark Piper, Insomnia Security | ||
+ | |||
+ | |||
+ | ; 28th February 2012 | ||
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] and [http://www.touchpoint.co.nz Touchpoint] | ||
+ | : '''Locations:''' Wellington, Auckland | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/2/27/OWASP_Top_10-7_to_10-aj.pdf Introduction to the OWASP Top Ten - Part 3] | ||
+ | : '''Presented By:''' Adrian Hayes, Security Consultant (Security-Assessment.com) | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/0/08/OWASP-Mistaken_Identity-Password_Reset-nickf.pdf Mistaken Identity: How Not To Build A Password Reset Process] | ||
+ | : '''Presented By:''' Nick Freeman, Senior Security Consultant (Security-Assessment.com) | ||
+ | |||
+ | |||
+ | === 2011 === | ||
+ | |||
+ | |||
+ | <!-- 2011 --> | ||
+ | ; 6th December 2011 | ||
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] and [http://www.touchpoint.co.nz Touchpoint] | ||
+ | : '''Locations:''' Wellington, Auckland | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/6/6d/OWASP_NZ-DEC2011-OWASP_Top_10-4_to_6.pdf Introduction to the OWASP Top Ten - Part 2] | ||
+ | : '''Presented By:''' Adrian Hayes, Security Consultant (Security-Assessment.com) | ||
+ | : '''Presentation:''' [https://www.owasp.org/images/1/15/OWASP_NZ-DEC2011-Hardened_Hosting.pdf Hardened Hosting] | ||
+ | : '''Presented By:''' Quintin Russ, Technical Director (SiteHost) | ||
+ | |||
+ | |||
+ | ; 20th September 2011 | ||
: '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] | ||
− | : '''Presentation:''' | + | : '''Locations:''' Wellington, Auckland |
− | : '''Presented By:''' | + | : '''Presentation:''' [https://www.owasp.org/images/c/cf/OWASP_NZ_SEP2011_TOP-10_1-of-3.pdf Introduction to the OWASP Top Ten - Part 1] |
− | : ''' | + | : '''Presented By:''' Nick Freeman, Security Consultant (Security-Assessment.com) |
− | : ''' | + | : '''Presentation:''' [https://www.owasp.org/images/3/31/OWASP_NZ_SEP2011_Clickjacking-for-shells_PDF-version.pdf Clickjacking for Shells] |
+ | : '''Presented By:''' Andrew Horton, Security Consultant (Security-Assessment.com) | ||
− | |||
+ | ; 7th July 2011 | ||
+ | [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2011 https://www.owasp.org/images/0/05/OWASP_NZ_Day_2011_Logo.png] | ||
+ | : '''Co-Sponsor:''' [http://www.security-assessment.com Security-Assessment.com], [http://www.auckland.ac.nz/ The University of Auckland] | ||
+ | : '''Location:''' Auckland | ||
+ | : '''Presentations:''' [http://www.owasp.org/index.php/OWASP_New_Zealand_Day_2011#tab=Speakers Download] | ||
+ | : '''Event site:''' [[OWASP_New_Zealand_Day_2011|OWASP New Zealand Day 2011]] | ||
− | |||
− | + | ; 2nd March 2011 | |
+ | : '''Co-Sponsor:''' [http://security-assessment.com Security-Assessment.com] | ||
+ | : '''Locations:''' Wellington, Auckland | ||
+ | : '''Presentation:''' Crazy Insecure Web Apps Google Didn't Tell You About.. | ||
+ | : '''Presented By:''' Adrian Hayes, Security Consultant (Security-Assessment.com) | ||
+ | : '''Presentation:''' [http://www.owasp.org/images/5/5e/2011-03-02-OWASP.pdf I know what you did last summer: The latest from the world of web hacks] | ||
+ | : '''Presented By:''' Kirk Jackson, Security Consultant (Aura Software Security) | ||
+ | |||
+ | === 2010 === | ||
; 15th July 2010 | ; 15th July 2010 | ||
Line 36: | Line 570: | ||
: '''Presented By:''' Scott Bell, Security Consultant (Security-Assessment.com) | : '''Presented By:''' Scott Bell, Security Consultant (Security-Assessment.com) | ||
− | + | === '''2009''' === | |
− | == '''2009''' == | ||
<!-- 2009 --> | <!-- 2009 --> | ||
Line 65: | Line 598: | ||
: '''Presentation:''' "[http://www.owasp.org/index.php/Image:OWASP_Mar09_Reversing_JavaScript.zip Reversing JavaScript]" | : '''Presentation:''' "[http://www.owasp.org/index.php/Image:OWASP_Mar09_Reversing_JavaScript.zip Reversing JavaScript]" | ||
: '''Presented By:''' Roberto Suggi Liverani, Senior Security Consultant (Security-Assessment.com) | : '''Presented By:''' Roberto Suggi Liverani, Senior Security Consultant (Security-Assessment.com) | ||
− | |||
− | == '''2008''' == | + | === '''2008''' === |
<!-- 2008 --> | <!-- 2008 --> | ||
Line 113: | Line 645: | ||
: '''Presented By:''' Roberto Suggi Liverani, Security Consultant (Security-assessment.com) | : '''Presented By:''' Roberto Suggi Liverani, Security Consultant (Security-assessment.com) | ||
− | |||
− | == '''2007''' == | + | === '''2007''' === |
<!-- 2007 --> | <!-- 2007 --> | ||
Line 140: | Line 671: | ||
: '''Co-Sponsor:''' [http://www.vedaadvantage.com/home/home_default.aspx Veda Advantage] | : '''Co-Sponsor:''' [http://www.vedaadvantage.com/home/home_default.aspx Veda Advantage] | ||
: '''Locations:''' Auckland | : '''Locations:''' Auckland | ||
+ | |||
+ | = Activities = | ||
== Activities == | == Activities == | ||
− | OWASP New Zealand members actively participate in various OWASP activities. The following are some | + | OWASP New Zealand members actively participate in various OWASP activities. The following are some highlights of activities undertaken by OWASP NZ members: |
+ | === 2019 === | ||
+ | |||
+ | * John DiLeo presented an overview of the OWASP SAMM Project and tools at the June 2019 meeting of the [https://security.org.nz/about-nzsa/nzisf/ NZISF] in Auckland | ||
+ | * John DiLeo attended the [https://open-security-summit.org/ Open Security Summit], June 2019 in the UK, co-hosting a session on the Application Security Curriculum Project | ||
+ | * John DiLeo presented an update on the OWASP SAMM Project during the Project Showcase at [https://telaviv.appsecglobal.org/ Global AppSec-Tel Aviv] in May 2019 | ||
+ | * John DiLeo became co-leader of the OWASP Application Security Curriculum Project in March 2019 | ||
+ | |||
+ | === 2018 === | ||
+ | * John DiLeo joined the OWASP Software Assurance Maturity Model (SAMM) project team, and attended the [https://2018.open-security-summit.org/ Open Security Summit] in the UK, in June 2018 | ||
+ | * John DiLeo signed on as Chair of the OWASP New Zealand Day conference, in June 2018 | ||
+ | * John DiLeo restarted the Auckland-area Meetup, which first met on 10 April 2018. The Meetup takes place on the second Tuesdays of April, June, August, October, and December | ||
+ | * John DiLeo stepped up as Auckland-area Chapter Leader, and was confirmed by the OWASP Foundation, in April 2018 | ||
+ | * Dion Bramley, John DiLeo, and Christian Probst signed on Chapter volunteers, at OWASP New Zealand Day 2018 | ||
+ | * Denis Andzakovic resigned from his position as OWASP New Zealand Chapter Leader, at OWASP NZ Day 2018 | ||
+ | |||
+ | === Older === | ||
+ | |||
+ | * Kim Carter ran a [http://www.meetup.com/owaspnycmetro/events/228716474/ workshop] at the NYC chapter | ||
+ | * Kirk Jackson stepped up to replace Adrian Hayes for Wellington from New Zealand day 2016 onwards. | ||
+ | * Denis Andzakovic stepped up to replace Nick Freeman for Auckland in March 2014 | ||
+ | * Kim Carter came on board to lead Christchurch from New Zealand Day 2013 onwards. | ||
+ | * Nick Freeman and Scott Bell have been appointed as the new leaders of the new OWASP New Zealand Chapter | ||
+ | * Roberto Suggi Liverani has resigned from his position as OWASP New Zealand Chapter Leader | ||
* Roberto Suggi Liverani will be speaking at OWASP AppSec Asia 2009 conference | * Roberto Suggi Liverani will be speaking at OWASP AppSec Asia 2009 conference | ||
* Roberto Suggi Liverani and Nick Freeman will be speaking at Defcon 17 | * Roberto Suggi Liverani and Nick Freeman will be speaking at Defcon 17 | ||
Line 155: | Line 711: | ||
* OWASP NZ has audio/video conference capability between Auckland and Wellington | * OWASP NZ has audio/video conference capability between Auckland and Wellington | ||
− | + | <headertabs></headertabs> | |
− | + | [[Category:OWASP Chapter]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |
Latest revision as of 00:31, 30 December 2019
OWASP New Zealand
Welcome to the OWASP New Zealand chapter homepage.
The chapter leaders are Kim Carter (Christchurch), Kirk Jackson (Wellington), and John DiLeo (Auckland).
Keeping in Touch
- Chapter Mailing List (Google Groups): [email protected] - Join the Group
- InfoSecNZ Workspace on Slack - Be sure to join the #events channel for calendar notices (NOTE: By design, we do not maintain a separate Slack Workspace for the New Zealand chapter)
- Follow us on Twitter (@owaspnz)
Some Global OWASP Resources:
OWASP New Zealand Chapter Board
We are always looking for additional board members to evangelise the OWASP mission, help with meetings, projects and initiatives. As we all know, it takes time/effort to run a chapter. Please contact us if you are interested in joining the NZ OWASP board, would like to volunteer to help out or create a new Meetup/event, or for any queries related to OWASP NZ.
- NZ Board Member (Leader - Christchurch) Kim Carter (@binarymist)
- NZ Board Member (Leader - Auckland) John DiLeo (@gr4ybeard)
- NZ Board Member (Leader - Wellington) Kirk Jackson (@kirkj)
Local Meetup Links
- OWASP New Zealand Chapter-Auckland
- OWASP New Zealand Chapter-Christchurch
- OWASP New Zealand Chapter-Wellington
2020
OWASP New Zealand Day 2020 - University of Auckland Business School
- One-day conference, with three tracks on Friday, 21 February - Registration is FREE
- Training sessions (half-day, one-day, or two-day) on Wednesday and Thursday, 19 - 20 February - Registration: $325 for half-day; $625 for one-day; $1250 for two-day (plus EventBrite fees)
2019
10 December 2019
- Top Ten Discussion: A7 - Cross-Site Scripting (XSS) - Led by John DiLeo
- Presentation: TBC
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
Past Events
2019
8 October 2019
- Top Ten Discussion: A6 - Security Misconfiguration - Led by James Ting-Edwards
- Presentation: What's In a Name? Law of Agency and Domain Name Registrations - Judy Ting-Edwards
- Venue Host: Simon White
- Location: Middleware NZ, 104 Quay Street, CBD, Auckland
24 - 25 August 2019
OWASP NZ is proud to invite you to our first https://security.ac.nz event. Please visit the website for details.
- Registration: FREE
- Location: Maclaurin Lecture Theatres, Victoria University of Wellington
13 August 2019
- Top Ten Discussion: A9 - Using Components with Known Vulnerabilities - Led by John DiLeo
- Technical Discussion: Addressing Vulnerable Components with OWASP Projects and Tools - John DiLeo
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
10 August 2019
- Threat Modelling: Getting from None to Done - John DiLeo
- Registration: $125.00 (plus EventBrite fees), inclusive of morning and afternoon tea, lunch, and class materials
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
11 June 2019
- Top Ten Discussion: A5 - Broken Access Control - Led by John DiLeo
- Technical Topic: My Recent Adventures at OWASP Conferences - John DiLeo
- Location: Robert Walters, Level 9, 22 Fanshawe Street, CBD, Auckland
9 April 2019
- Top Ten Discussion: A4 - XML External Entities (XXE) - Led by John DiLeo
- Open Discussion: What do we want to do this year?
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
OWASP New Zealand Day 2019 - University of Auckland Business School
- One-day conference, with two tracks on Friday, 22 February - Registration is FREE
- Training sessions (half-day or full-day) on Thursday, 21 February - Registration: $500 for full-day; $250 for half-day
2018
11 December 2018
- Top Ten Discussion: A2 - Broken Authentication - Led by John DiLeo
- Technical Topic: Some Thoughts on Threat Modelling - John DiLeo
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
29 October 2018
- Presentation: Make the Cyber Safer with Multi-factor Authentication - Kevin Thomas
- Video: [1]
- Location: Wellington
9 October 2018
- Technical Topic: Integrating the Weakforced Security API - Steve Shipway, SMX Email
- Location: Cornerstone On-Demand, Level 1, 29 Union Street, Auckland
27 August 2018
- Presentation: Developer's guide to Deserialization Attack - Felix Shi
- Video: [2]
- Location: Wellington
14 August 2018
- Top Ten Discussion: A3 - Sensitive Data Exposure - Led by John DiLeo
- Presentation: Web Application Penetration Testing Demo - Shofe Miraz
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
12 June 2018
- Presentation: GDPR and New Zealand Privacy Law - James Ting-Edwards
- Location: InternetNZ, 62 Victoria Street West, Auckland CBD, Auckland
11 June 2018
- Presentation: What are certificates? - Matt Cotterell
- Location: Wellington
10 April 2018
- Top Ten Discussion: A1 - Injection - Led by John DiLeo
- Presentation: OWASP Software Assurance Maturity Model (SAMM) - John DiLeo
- Location: Orion Health, 181 Grafton Road, Grafton, Auckland
28 March 2018
- CERT NZ
- Location: Christchurch
- Co-Sponsor: Catalyst
- 26 Feb 2018
- CERT NZ - Who are we? How are websites getting hacked in real life? with Declan Ingram
- Video: [3]
- Location: Wellington
- Presented by: Declan Ingram
OWASP New Zealand Day 2018 - University of Auckland Business School
- One-day conference, with two tracks on Monday, 5 February - Registration is FREE
- Training session (full-day) on Sunday, 4 February - Registration: $500
2017
- 2 Oct 2017
- Presentation: Same-origin policy: The core of web security
- Video: [4]
- Location: Wellington
- Presented By: Kirk Jackson
- 27 Sept 2017
- Securing your data (your business) using SQL Server 2016
- Presented By: Anupama Natarajan
- Location: Christchurch
- Co-Sponsor: Catalyst
- 31 July 2017
- Presentation: What is Cross-Site Request Forgery?
- Video: [5]
- Location: Wellington
- Presented By: Vales Bakaitis
- 28 June 2017
- Web Developer Quiz Night
- Prepared and Presented By: Kim Carter
- Details: on binarymist.io
- Location: Christchurch
- Co-Sponsor: Catalyst
- 29 May 2017
- Presentation: Developer's Guide to Preventing XSS
- Video: [6]
- Location: Wellington
- Presented By: Felix Shi
OWASP New Zealand Day 2017 - University of Auckland Business School
- One-day conference, with two tracks on Thursday, 20 April - Registration is FREE
- Training sessions (half-day and full-day) on Wednesday, 19 April
- 29 March 2017
- PHP Hurts Programmers (and other tales)
- Presented By: Keith Humm
- Slides: on speakerdeck
- Locations: Christchurch
- Co-Sponsor: Catalyst
- 27 Feb 2017
- Presentation: Building the ultimate login and signup
- Video: Youtube
- Location: Wellington
- Presented By: Matt Cotterell
2016
- 29 November 2016
OWASP NZ Wellington Meetup page
- Presentation: OWASP Top Ten - Developing secure web apps (PHP-flavoured)
- Video: Youtube
- Location: Wellington
- Presented By: Kirk Jackson
- In conjunction with the PHP user group Wellington
- 10 October 2016
OWASP NZ Wellington Meetup page
- Presentation: Introduction to Ruby on Rails security
- Video: Youtube
- Locations: Wellington
- Presented By: Tim Goddard
- Sponsor: Insomnia
- 28 September 2016
OWASP NZ Christchurch Meetup page
- Presentation / Demo Applying Cold War Learnings to our Daily OPSEC
- DeadDrop: (https://deaddrop.jadeworld.com/)
- Github: (https://github.com/phage-nz/deaddrop)
- Chris's Blog Post: (https://bytefog.blogspot.co.nz/2015/09/burn-after-reading.html)
- Locations: Christchurch
- Presented By: Chris Campbell
- Co-Sponsor: Catalyst and BinaryMist
- 29 August 2016
OWASP NZ Wellington Meetup page
- Presentation: Mobile app security: Intro to the OWASP Mobile Top 10
- Video: Youtube
- Location: Wellington
- Presented By: Mike Haworth
- 29 June 2016
OWASP NZ Christchurch Meetup page
- Presentation / Demo Security Regression Testing with ZapAPI and NodeGoat
- Teaser: (https://youtu.be/DrwXUOJWMoo)
- Github: (https://github.com/binarymist/NodeGoat/wiki/Security-Regression-Testing-with-Zap-API)
- Sourced From: Kims Book (https://leanpub.com/holistic-infosec-for-web-developers/read#process-agile-development-and-practices-security-regression-testing)
- Locations: Christchurch
- Presented By: Kim Carter
- Co-Sponsor: Catalyst and BinaryMist
- 27 June 2016
OWASP NZ Wellington Meetup page
- Presentation: Introduction to using a web application firewall
- Video: Youtube
- Location: Wellington
- Presented By: Graeme Neilson
- Sponsor: RedShield
- 30 March 2016
OWASP NZ Christchurch Meetup page
- Presentation: Qubes OS Discussion (https://www.qubes-os.org)
- Locations: Christchurch
- Presented By: Craig Rowland
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 3rd and 4th of February 2016
At the University of Auckland School of Commerce
Gold Sponsors:
2015
- 25 November 2015
OWASP NZ Christchurch Meetup page
- Presentation: UAC, Governance and Managing the External Infosec Audit
- Locations: Christchurch
- Presented By: Drewe Hinkley
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 30 September 2015
OWASP NZ Christchurch Meetup page
- Two part Presentation: The Exploited and the Exploiters - Case Study of a Real Cyber Hack and Live Demo's from Kims book
- Locations: Christchurch
- Presented By: Salinda Lekamge and Kim Carter
- 24 June 2015
OWASP NZ Christchurch Meetup page
- Presentation: "Does Your Cloud Solution Look Like a Mushroom".
- Locations: Christchurch
- Presented By: Kim Carter.
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 25 March 2015
OWASP NZ Christchurch Meetup page
- Presentation: Reverse Engineering, Cracking, Compromising Software Security & Mitigations
- Locations: Christchurch
- Presented By: Rob Gilmour, Senior Software Engineer, Technical Support, JADE Software Corporation Ltd.
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 26th and 27th of February 2015
At the University of Auckland Engineering Department
2014
- 26 November 2014
OWASP NZ Christchurch Meetup page
- Workshop: Review SSL/TLS, demo sslstrip and mitigation techniques
- Locations: Christchurch
- Presented By: Kevin Alcock, Security Consultant at Katipo Security
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 25 September 2014
OWASP NZ Christchurch Meetup page
- Workshop: Review, Exploit and Learn from Vulnerable Web App
- Locations: Christchurch
- Presented By: Chris Campbell, Security & Operations Consultant Jade
- Co-Sponsor: Dimension Data and BinaryMist Limited
- 24 July 2014
OWASP NZ Wellington Meetup page
- Workshop: Web App Security Workshop
- Locations: Wellington
- Presented By: Adrian Hayes
- Sponsor: Dimension Data
2013
- 19 December 2013
- Co-Sponsor: Security-Assessment.com and Touchpoint
- Locations: Wellington, Auckland, Christchurch, Webcast
- Details: All details are on the meetup page above
- Presentation: Extending Burp with Python
- Presented By: Mike Haworth, Aura Information Security
- 11th and 12th of September 2013
At the Auckland Business School
https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2013
- 22 May 2013
- Co-Sponsor: Security-Assessment.com and Touchpoint
- Locations: Wellington, Auckland, Webcast
- Details: All details are on the meetup page above
2012
- 31st August 2012
- Co-Sponsor: The University of Auckland, Security-Assessment.com, Aura Information Security, Insomnia Security, Lateral Security, Web Drive
- Location: Auckland
- Event site: OWASP New Zealand Day 2012
- 8th May 2012
- Co-Sponsor: Security-Assessment.com and Touchpoint
- Locations: Wellington, Auckland
- Presentation: An Overview and introduction to modern day BeEF
- Presented By: Mark Piper, Insomnia Security
- 28th February 2012
- Co-Sponsor: Security-Assessment.com and Touchpoint
- Locations: Wellington, Auckland
- Presentation: Introduction to the OWASP Top Ten - Part 3
- Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
- Presentation: Mistaken Identity: How Not To Build A Password Reset Process
- Presented By: Nick Freeman, Senior Security Consultant (Security-Assessment.com)
2011
- 6th December 2011
- Co-Sponsor: Security-Assessment.com and Touchpoint
- Locations: Wellington, Auckland
- Presentation: Introduction to the OWASP Top Ten - Part 2
- Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
- Presentation: Hardened Hosting
- Presented By: Quintin Russ, Technical Director (SiteHost)
- 20th September 2011
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: Introduction to the OWASP Top Ten - Part 1
- Presented By: Nick Freeman, Security Consultant (Security-Assessment.com)
- Presentation: Clickjacking for Shells
- Presented By: Andrew Horton, Security Consultant (Security-Assessment.com)
- 7th July 2011
- Co-Sponsor: Security-Assessment.com, The University of Auckland
- Location: Auckland
- Presentations: Download
- Event site: OWASP New Zealand Day 2011
- 2nd March 2011
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: Crazy Insecure Web Apps Google Didn't Tell You About..
- Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
- Presentation: I know what you did last summer: The latest from the world of web hacks
- Presented By: Kirk Jackson, Security Consultant (Aura Software Security)
2010
- 15th July 2010
- Co-Sponsor: Security-Assessment.com, Lateral Security, The University of Auckland
- Location: Auckland
- Presentations: Download
- Event site: OWASP New Zealand Day 2010
- 4th March 2010
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: MS-SQL Injections.
- Presented By: Scott Bell, Security Consultant (Security-Assessment.com)
2009
- 10th November 2009
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: Testing AMF/Flex.
- Presented By: Nick Freeman, Security Consultant (Security-Assessment.com)
- Presentation: "Shared Ownership", from a web security perspective.
- Presented By: Quintin Russ, Technical Director (Site Host)
- 13th July 2009
- Co-Sponsor: Security-Assessment.com, Lateral Security, The University of Auckland
- Location: Auckland
- Presentations: Download
- Event site: OWASP New Zealand Day 2009
- 19th March 2009
- Co-Sponsor: Vodafone New Zealand and Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: "ActiveXploitation in 2009"
- Presented By: Paul Craig, Principal Security Consultant (Security-Assessment.com)
- Presentation: "Reversing JavaScript"
- Presented By: Roberto Suggi Liverani, Senior Security Consultant (Security-Assessment.com)
2008
- 5th November 2008
- Co-Sponsor: Vodafone New Zealand and Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: "Common Application Flaws"
- Presented By: Brett Moore, Network Intrusion Specialist (Insomnia Security)
- Presentation: "In your Browser, Jackin your Clicks"
- Presented By: Beau Butler, Security Consultant (Security-Assessment.com)
- Presentation: "Opera Stored Cross Site Scripting"
- Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)
- 3rd September 2008
- Co-Sponsor: Microsoft and Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: "Browser Security"
- Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)
- Presentation: "Time based blind SQL Injections"
- Presented By: Muhaimin Dzulfakar, Security Consultant (Security-Assessment.com)
- 25th June 2008
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: "Fuzz the Web"
- Presented By: Dean Jerkovich, Security Analyst (ASB)
- Presentation: "Hacking The World With Flash Part #2: The Results"
- Presented By: Paul Crag, Principal Security Consultant (Security-Assessment.com)
- 29th April 2008
- Co-Sponsor: Security-Assessment.com
- Locations: Wellington, Auckland
- Presentation: "Hacking The World With Flash"
- Presented By: Paul Craig, Principal Security Consultant (Security-Assessment.com)
- Presentation: "Web Spam Techniques - also available in HTML format"
- Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)
- 21st February 2008
- Co-Sponsor: Veda Advantage
- Locations: Auckland
- Presentation: "Xpath Injection - An Overview"
- Presented By: Roberto Suggi Liverani, Security Consultant (Security-assessment.com)
2007
- 5th December 2007
- Co-Sponsor: Veda Advantage
- Locations: Auckland
- Presentation: "Ajax Security"
- Presented By: Roberto Suggi Liverani, Security Consultant (Security-assessment.com)
- Presentation: "On the job browser exploitation"
- Presented By: Mark Piper, Senior Security Consultant (Security-assessment.com)
- 22nd May 2007
- Co-Sponsor: Veda Advantage
- Press Release: VedaAdvantage.com
- Locations: Auckland
- Presentation: "OWASP in New Zealand"
- Presented By: Roberto Suggi Liverani / Antonio Spera
- April 2007
- Co-Sponsor: Veda Advantage
- Locations: Auckland
- January 2007
- Co-Sponsor: Veda Advantage
- Locations: Auckland
Activities
OWASP New Zealand members actively participate in various OWASP activities. The following are some highlights of activities undertaken by OWASP NZ members:
2019
- John DiLeo presented an overview of the OWASP SAMM Project and tools at the June 2019 meeting of the NZISF in Auckland
- John DiLeo attended the Open Security Summit, June 2019 in the UK, co-hosting a session on the Application Security Curriculum Project
- John DiLeo presented an update on the OWASP SAMM Project during the Project Showcase at Global AppSec-Tel Aviv in May 2019
- John DiLeo became co-leader of the OWASP Application Security Curriculum Project in March 2019
2018
- John DiLeo joined the OWASP Software Assurance Maturity Model (SAMM) project team, and attended the Open Security Summit in the UK, in June 2018
- John DiLeo signed on as Chair of the OWASP New Zealand Day conference, in June 2018
- John DiLeo restarted the Auckland-area Meetup, which first met on 10 April 2018. The Meetup takes place on the second Tuesdays of April, June, August, October, and December
- John DiLeo stepped up as Auckland-area Chapter Leader, and was confirmed by the OWASP Foundation, in April 2018
- Dion Bramley, John DiLeo, and Christian Probst signed on Chapter volunteers, at OWASP New Zealand Day 2018
- Denis Andzakovic resigned from his position as OWASP New Zealand Chapter Leader, at OWASP NZ Day 2018
Older
- Kim Carter ran a workshop at the NYC chapter
- Kirk Jackson stepped up to replace Adrian Hayes for Wellington from New Zealand day 2016 onwards.
- Denis Andzakovic stepped up to replace Nick Freeman for Auckland in March 2014
- Kim Carter came on board to lead Christchurch from New Zealand Day 2013 onwards.
- Nick Freeman and Scott Bell have been appointed as the new leaders of the new OWASP New Zealand Chapter
- Roberto Suggi Liverani has resigned from his position as OWASP New Zealand Chapter Leader
- Roberto Suggi Liverani will be speaking at OWASP AppSec Asia 2009 conference
- Roberto Suggi Liverani and Nick Freeman will be speaking at Defcon 17
- OWASP NZ Day 2009 - Presentations online
- Roberto Suggi Liverani and Nick Freeman will be speaking at EUSecWest 09
- Brett Moore will be speaking at OWASP AU Conference about "Vulnerabilities In Action".
- Roberto Suggi Liverani contributed to the OWASP Testing Guide v3.
- Mark Piper took his "On the job browser exploitation" talk to the OWASP_Australia_AppSec_2008_Conference.
- Rob Munro has been appointed as OWASP Evangelist
- OWASP NZ has audio/video conference capability between Auckland and Wellington