This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Netherlands"

From OWASP
Jump to: navigation, search
(OWASP Netherlands kick-off meeting minutes)
(News: June 18th added)
 
(649 intermediate revisions by 19 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Netherlands|extra=The chapter leader is [mailto:[email protected] Bert Koelewijn]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-netherlands|emailarchives=http://lists.owasp.org/pipermail/owasp-netherlands}}
+
{{Chapter Template|chaptername=Netherlands|extra=|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-netherlands|emailarchives=http://lists.owasp.org/pipermail/owasp-netherlands}}  
  
 +
<!-- First tab -->
 +
= Local News  =
 +
=='''News'''==
 +
:;OWASP Netherlands Monthly meetup:
 +
:: Next meetup [[OWASP_NL_Monthly_Meetup#June_18.2C_2019 | OWASP NL Chapter Meeting, June 18th]]
 +
::Slides and recordings are available [[OWASP_NL_Monthly_Meetup#January_17.2C_2019, Hilversum | OWASP Nl Chapter Meeting, January 17th]]
 +
:;OWASP BeNeLux-Day 2018:
 +
::[[OWASP_BeNeLux-Day_2018 | OWASP BeNeLux-Day 2018 - Mechelen, Belgium]]
 +
::[[OWASP_BeNeLux-Day_2017#tab=Conferenceday | Click here for the OWASP BeNeLux-Day 2017]]
  
 +
=='''Provisional 2017 Chapter Event Calendar'''==
 +
*Slide Decks from past Chapter meetings can be downloaded from the [[Netherlands#Past_Events | Past Events page]].
  
== OWASP Netherlands meeting minutes ==
+
=='''Other OWASP Events'''==
 +
::;[[OWASP_Events/upcoming_events | OWASP International, Upcoming Events]]
  
On 9 march, the second meeting of OWASP Netherlands local chapter took place. GetronicsPinkRoccade provided the venue, in their luxury conference centre: Connection I.<br/>
+
=='''Call for Presentations'''==
<br/>
+
::;[https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dGs1UFN0Ul9YR1pRcGdYRmtYallraUE6MQ#gid=0 OWASP NL Chapter Call For Presentation]
Agenda:<br/>
 
18.00 - 18.45 Check-In (bread & drinks)<br/>
 
18.45 - 19.00 Opening<br/>
 
19.00 - 20.00 Improving Security in the Application Development Life-cycle, Migchiel de Jong<br/>
 
20.00 - 20.15 Coffee break<br/>
 
20.15 - 22.00 Form focus groups<br/>
 
<br/>
 
The presentation of Migchiel de Jong was found very interesting by the audience. At the end of his presentation, he demonstrated a static code analysis of the OWASP webgoat application.<br/>
 
<br/>
 
After the coffee break, the attendances started discussing about the largest common topics of interest in the web application security field, in relation to the OWASP Netherlands chapter. As a result, the following focus groups are formed:<br/>
 
<br/>
 
Testing<br/>
 
The current OWASP Testing project and the Open Source Security Testing Methodology Manual of ISECOM, provide guidelines and best practices for testers. These guidelines can be used to formalize a standard structure and a set of minimum requirements for a security test. Clients could ask a tester to adhere to these guidelines.<br/>
 
A second idea is to standardize the testing results management report. In practice, testing could result in piles of paper with all the findings. The real value is reporting it in a usable way. For example: mapping technical findings to business risks.<br/>
 
<br/>
 
Frans v. Buul<br/>
 
Peter Gouwentak<br/>
 
Arthur Donkers<br/>
 
Eelco Klaver<br/>
 
Migchiel de Jong<br/>
 
Mario de Boer<br/>
 
<br/>
 
First focus group meeting: Monday 27 march, 18:00h, PwC Utrecht<br/>
 
<br/>
 
<br/>
 
Public Relations<br/>
 
This focus group will try to make business aware of the security impact that developing, hosting and using web applications has. What OWASP is and how OWASP can help. This can be done by giving presentations, writing papers and articles, word of mouth, etc. etc.<br/>
 
<br/>
 
Remco Bakker<br/>
 
Ronald Eygendaal<br/>
 
Bas van Vossen<br/>
 
Edwin van Vliet<br/>
 
Eelco Klaver<br/>
 
<br/>
 
First presentation of OWASP materials: Edwin van Vliet, TestNet - Voorjaarsevenement, 5 april<br/>
 
First focus group meeting: To be planned!<br/>
 
<br/>
 
<br/>
 
Education<br/>
 
OWASP and universities/schools could benefit from working together. For example:<br/>
 
- OWASP provides lot's of materials usable in colleges.<br/>
 
- Develop OWASP training course.<br/>
 
- Students can participate in OWASP projects<br/>
 
- OWASP can provide a platform for supporting research. Such as thesis projects, etc.<br/>
 
- OWASP representatives could provide guest colleges.<br/>
 
<br/>
 
Ronald Eygendaal<br/>
 
Erik Poll<br/>
 
Bas van Vossen<br/>
 
Edwin van Vliet<br/>
 
<br/>
 
First focus group meeting: To be planned!<br/>
 
<br/>
 
The presentation is available here:<br/>
 
http://www.owasp.org/docroot/owasp/misc/FortifySoftwareOWASPChapterPresent_NL.pdf<br/>
 
  
== 9 March: Second meeting of the OWASP Netherlands local chapter! ==
+
=='''Stay in contact:'''==
 +
<center>
 +
{| cellspacing="15"
 +
|-
 +
| [[Image:Meetup-logo-2x.png|120px|link=https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup]]
 +
| [[Image:Join the list.png|150px|link=https://groups.google.com/a/owasp.org/forum/#!forum/netherlands-chapter]]
 +
| [[Image:Follow-us-on-twitter.png|175px|link=http://www.twitter.com/owasp_NL]]
 +
| [[Image:Linkedin-button.gif|135px|link=http://www.linkedin.com/groups/OWASP-Netherlands-Chapter-1987229/about]]
 +
|[[Image:slack-horizontal.png|90px|link=https://owasp.slack.com/messages/chapter-netherlands/details/]]
 +
|}
 +
</center>
  
In this second meeting focus groups are to be formed, to discuss common problems, develop and research common solutions in a vendor neutral environment. So this is a very good opportunity to get in contact with others, to exchange knowledge and experiences on specific topics.<br/>
+
=='''Sponsors'''==
<br/>
+
::;Our structural Chapter and OWASP [[OWASP_BeNeLux-Day_2017| OWASP BeNeLux-Day 2017 sponsor]] supporters:
For every focus group the following questions has to be answered:<br/>
+
::Interested in Sponsoring the Netherlands OWASP Chapter, email netherlands '@' owasp.org
1. Which specific topic is to be addressed?<br/>
+
<br>
2. What are the deliverables?<br/>
+
'''[https://www.owasp.org/index.php/Corporate_Membership OWASP Corporate Member]:'''
3. What is the relation to OWASP? (Current projects, materials, expertise and knowledge interchange, etc.)<br/>
+
<center>
4. Who is the central contact of the subgroup?<br/>
+
{| cellspacing="15"
<br/>
+
|-
It would be nice to have a bigger and more diverse group, compared to the first meeting. So let's recall: "Please, bring at least one friend, next time." And don't hesitate to send this announcement to everybody who may be interested!<br/>
+
| [[File:200x60_netsparker_logo.png|250px|link=https://www.netsparker.com]]
<br/>
+
|}
We thank Getronics PinkRoccade for offering us a venue:<br/>
+
</center>
Getronics PinkRoccade<br/>
+
'''[[OWASP_BeNeLux-Day_2017| OWASP BeNeLux-Day 2017 sponsor]]:'''
Fauststraat 1<br/>
+
<center>
7323 BA Apeldoorn <br/>
+
{| cellspacing="15"
<br/>
+
| [[File:Achmea_L1_RGB_colour.jpg|250px||link=https://www.achmea.nl/]]
The agenda:<br/>
+
|}
18.00 - 18.30 Check-In<br/>
+
</center>
18.30 - 18.45 Opening<br/>
+
<center>
18.45 - 19.30 Improving Security in the Application Development Life-cycle, Migchiel de Jong<br/>
+
{| cellspacing="15"
19.30 - 20.00 Collecting focus group initiatives<br/>
+
| [http://www.vest.nl https://www.owasp.org/images/6/67/Vest.jpg]
19.45 - 20.00 Coffee break<br/>
+
| [https://secwatch.nl https://www.owasp.org/images/f/ff/Secwatch_logo_small.png]
20.00 - 21.00 Form focus groups<br/>
+
| [[File:Avi Logo Transparent Background 300pix.png|200px|link=https://avinetworks.com/]]
<br/>
+
|}
Presentation Abstract<br/>
+
</center>
Rather than spending large amounts of time and money on proving that we have security vulnerabilities after programs go into production, companies should go to the source and correct vulnerabilities as early as possible in the development stage. It is unquestionably faster, simpler, and cheaper for developers to correct vulnerabilities as they build programs.<br/>
+
<center>
But how can development management ensure that developers focus on security when there is no time or budget for security at the development stage? Even with the correct focus, how can they learn what to look for? How can they stay ahead of the dedicated and resourceful hacker?<br/>
+
{| cellspacing="15"
The answer is effective processes and better tools. With advanced software security tools, a developer can pinpoint vulnerabilities in a matter of seconds — the same vulnerabilities that would take a hacker or manual code reviewer weeks or even months to find. These same tools can give development and information security managers useful metrics on application vulnerabilities before they are released into deployment.<br/>
+
|-
This talk will walk through the Application Development Life-Cycle and discuss how tools can help come to grips with software security issues in a particular phase.<br/>
+
]
<br/>
+
| [http://www.sig.eu/security https://www.owasp.org/images/9/99/SIG_LOGO.png]
About the presenter<br/>
+
| [https://www.secura.com/ https://www.owasp.org/images/7/78/Secura_logo_small.png]
Migchiel de Jong has developed hardware and software for 10 years before joining Rational Software. During the 5 years at Rational Software (later acquired by IBM) he was involved in many software development process improvement projects. Currently Migchiel de Jong is working at Fortify Software, Palo Alto, California, as a software security engineer.<br/>
+
| [[File:Xebia logo-large-transparent.png|200px|link=https://xebia.com/agile-software-security]]
<br/>
+
| [https://informatiebeveiliging.nl/ https://www.owasp.org/images/9/9a/Logo_Informatiebeveiliging-200.png]
If you want to attend send an email to owasp@irc2.nl. Please don't wait, 9 march is not that long anymore!<br/>
+
|}
<br/>
+
</center>
All OWASP chapter meetings are free, there are never vendor pitches or sales presentations at OWASP meetings.<br/>
 
<br/>
 
NOTE TO CISSP’s: OWASP Meetings count towards CPE Credits.<br/>
 
  
== OWASP Netherlands kick-off meeting minutes ==
+
<!--
 
+
[[File:VeraCode logo.png|250px|link=https://www.veracode.com]]
On 17 November, OWASP Netherlands had it's first meeting. We moved to a bigger location, the Mercure hotel in Nieuwegein, to host all the 35 attendees.<br/>
+
[[File:Vest.jpg|250px|link=http://www.vest.nl]]
<br/>
+
[[File:Intigriti_verticaal.jpg|250px|link=http://www.intigriti.be]]
The agenda:<br/>
+
[[File:Ecurify-2016.png|250px|link=http://www.securify.nl]]
18.00 - 18.30 Check-In (bread & drinks)<br/>
+
[[File:HPE_logo_250.png|250px|link=ttp://www8.hp.com/nl/nl/software-solutions/enterprise-security.html]]
18.30 - 18.45 Chapter opening<br/>
+
[[File:Nixu-logo.png|250px|link=https://www.nixu.com/en/nixubenelux]]
18.45 - 19.30 Presentation - 'Top tien web applicatie kwetsbaarheden in J2EE', Eelco Klaver<br/>
+
[[File:Logo_xebia.jpg|250px|link=https://xebia.com/agile-software-security]]  
19.30 - 19.45 Presentation - 'Veilige webapplicaties boven alles', Mike Wardi<br/>
+
[[File:Logo_Informatiebeveiliging-200.png|250px|link=https://informatiebeveiliging.nl]]  
19.45 - 20.00 Coffee break<br/>
+
-->
20.00 - 21.00 Discussion - About the OWASP Netherlands local chapter<br/>
+
<!-- Second tab -->
<br/>
 
The discussion took place in a 'round table' session, where all attendees were able to take part. The focus of the discussion was how to give the OWASP Netherlands local chapter additional value, next to the OWASP project. What the goals and tasks will be. And which actions will have to be taken at short term.<br/>
 
Different people have interest in different subjects. In general meetings there is no time to address all subjects and address them specific enough. Therefore subgroups can be formed, focusing on specific topics. They can have their own communication channel and meetings, but should keep close contact with the OWASP body.<br/>
 
<br/>
 
An inventarisation:<br/>
 
<br/>
 
Discussion Topics<br/>
 
- Awareness: writing articles, press publications, interviews<br/>
 
- Education: contact universities, schools and their common boards. Develop and gather education materials.<br/>
 
- General: discuss ideas for OWASP NL<br/>
 
<br/>
 
Focusgroup Topics<br/>
 
- (dutch) metrics project<br/>
 
- (dutch) legal project<br/>
 
- standard framework for pentest reports<br/>
 
- safe outsourcing<br/>
 
<br/>
 
Actions that should be taken on short term are:<br/>
 
- provide communication channels<br/>
 
- plan next (sub)meetings<br/>
 
- start discussions and focusgroups<br/>
 
<br/>
 
The presentations are available here:<br/>
 
<br/>
 
[[Media:OWASP_NL_Top_Ten_Web_Application_Vulnerabilities_in_J2EE.pdf]]<br/>
 
[[Media:OWASP_NL_Veilige_Web_App_Boven_Alles.pdf]]<br/>
 
  
== You are welcome to the OWASP Netherlands local chapter kick-off meeting! ==
+
= Calendar  =
 +
== Provisional Chapter Event Calendar 2019 ==
 +
{| class="wikitable" style="text-align:center;" border="1" |
 +
! width="300" | Date
 +
! width="350" | Type
 +
! width="300" | Location
 +
|- align="center"
 +
|- align="center"
 +
| [https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/247313273/ February 8th, 2019]
 +
| [[OWASP_NL_Monthly_Meetup#January_17.2C_2019| OWASP NL Wiki ]]
 +
| Amsterdam
 +
|- align="center"
 +
| [https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/261811435/  June 18th, 2019]
 +
| [[OWASP_NL_Monthly_Meetup#June_18.2C_2019| OWASP NL Wiki ]]
 +
| Amsterdam
 +
|}
 +
<!-- Third tab -->
  
Thursday, November 17th (2005) at 18.00h.<br/>
+
= Past Events  =
<br/>
+
*Events held in [[Netherlands Previous Events 2019|2019]]
ATTENTION! Because of the large amount of attendees, the location has changed:<br/>
+
*Events held in [[Netherlands Previous Events 2018|2018]]
<br/>
+
*Events held in [[Netherlands Previous Events 2017|2017]]
Hotel Mercure Utrecht/Nieuwegein<br/>
+
*Events held in [[Netherlands Previous Events 2016|2016]]
Buizerdlaan 10<br/>
+
*Events held in [[Netherlands Previous Events 2015|2015]]
3435 SB NIEUWEGEIN<br/>
+
*Events held in [[Netherlands Previous Events 2014|2014]]
Tel: 00 31 (0) 30 60 84 122<br/>
+
*Events held in [[Netherlands Previous Events 2013|2013]]
Fax: 00 31 (0) 30 60 38 374<br/>
+
*Events held in [[Netherlands Previous Events 2012|2012]]
<br/>
+
*Events held in [[Netherlands Previous Events 2011|2011]]
This first meeting will be an introduction to the OWASP. A constructive discussion will be held about the actual form of the OWASP Netherlands local chapter.<br/>
+
*Events held in [[Netherlands Previous Events 2010|2010]]
<br/>
+
*Events held in [[Netherlands Previous Events 2009|2009]]
The agenda:<br/>
+
*Events held in [[Netherlands Previous Events 2008|2008]]
18.00 - 18.30 Check-In (bread & drinks)<br/>
+
*Events held in [[Netherlands Previous Events 2007|2007]]
18.30 - 18.45 Chapter opening<br/>
+
*Events held in [[Netherlands Previous Events 2006|2006]]
18.45 - 19.30 Presentation - 'Top tien web applicatie kwetsbaarheden in J2EE', Eelco Klaver<br/>
+
*Events held in [[Netherlands Previous Events 2005|2005]]
19.30 - 19.45 Presentation - 'Veilige webapplicaties boven alles', Mike Wardi<br/>
+
 
19.45 - 20.00 Coffee break<br/>
+
<!-- Fourth tab -->
20.00 - 21.00 Discussion - About the OWASP Netherlands local chapter<br/>
+
 
<br/>
+
= Chapter Leaders  =
About the presenters<br/>
+
The Netherlands Chapter is supported by the following board:  
<br/>
+
*[https://www.owasp.org/index.php/User:Knoblochmartin Martin Knobloch]
Eelco Klaver<br/>
+
*[https://www.owasp.org/index.php/User:Joren Joren Poll]
Eelco Klaver is a senior consultant for Xebia IT Architects, since 2003. Doing software reviews, security audits and giving security workshops are part of his job. He has almost 10 years experience with developing enterprise applications in J2EE for different employees. At the moment, Eelco is the front man of the security business unit for Xebia, focussing on the security aspects of enterprise applications build on J2EE.<br/>
+
*[https://www.owasp.org/index.php/User:Edwin_Gozeling Edwin Gozeling]
<br/>
+
*[https://www.owasp.org/index.php/User:Cooper Tom Wirschell]
Mike Wardi<br/>
+
 
Mike Wardi is an internet application manager for a financial institute. He's responsible for the safety of internet applications provided to customers and the implementation of the security policies in software developement.<br/>
+
<br>  
<br/>
+
*[mailto:netherlands@owasp.org OWASP Netherlands], OWASP Netherlands board email adres
<br/>
+
Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.
If you want to attend, please send an email to owasp[email protected] or the mailing list.<br/>
+
 
<br/>
+
<!-- Fifth and last tab -->
All OWASP chapter meetings are free! There are never vendor pitches or sales presentations at OWASP meetings.<br/>
+
= Chapter Support  =
<br/>
+
=== Chapter Sponsoring  ===
NOTE TO CISSP’s: OWASP Meetings count towards CPE Credits.<br/>
+
OWASP Netherlands is looking for organizations to sponsor our chapter.  
<br/>
+
If you are interested in sponsoring the Netherlands chapter please contact us via email: [mailto:[email protected] netherlands 'at' owasp.org].  
 +
 
 +
=== Donation ===
 +
If you would like to donate to our chapter, please use the PayPal link at the top of this page.
 +
;Thank you!
 +
 
 +
=== Call for Speakers  ===
 +
We are continuously looking for speakers.<br>'''Presentations:''' Are you working on an interesting subject, would you like to share your experience with the OWASP community and do you have presentation skills. Please let us know! Any topic related to web application security will be appreciated!<br>'''VAC, Vulnerability, Attack, Countermeasure:''' The VAC is a re occuring part of the chapter meetings. The VAC is a half hour in-depth technical presentation about a vulnerability, how it can be exploited and how to prevent it!<br>  
 +
<span style="font-weight: bold;">Links: </span>  
 +
[http://www.owasp.org/index.php/Speaker_Agreement Speaker Agreement]
 +
[http://www.owasp.org/images/5/54/Presentation_template.ppt Template]
 +
Interested in presenting at a local chapter meeting, please send an email to: netherlands 'at' owasp.org
 +
 
 +
<!--
 +
=== Call for Location  ===
 +
For the OWASP Netherlands chapter meetings to come, we are continuously looking for locations!  
 +
Most preferable, the location is good accessible with public transport and by car. Free parking should be provided.
 +
What do we expect:
 +
*meeting room for at least 50 people
 +
*lunch for attendees
 +
**drinks, sandwiches...
 +
*a small present for the speakers
 +
**(e.g. bottle of wine, for speakers from aboard alcohol might be less practical if flying in only with hand luggage)
 +
Interested in sponsoring a local chapter meeting, please send an email to: netherlands 'at' owasp.org
 +
-->
 +
<!-- Don't remove this tag -->
 +
__NOTOC__
 +
<headertabs></headertabs>
 +
[[Category:Europe]]

Latest revision as of 17:19, 3 June 2019

OWASP Netherlands

Welcome to the Netherlands chapter homepage.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


News

OWASP Netherlands Monthly meetup
Next meetup OWASP NL Chapter Meeting, June 18th
Slides and recordings are available OWASP Nl Chapter Meeting, January 17th
OWASP BeNeLux-Day 2018
OWASP BeNeLux-Day 2018 - Mechelen, Belgium
Click here for the OWASP BeNeLux-Day 2017

Provisional 2017 Chapter Event Calendar

Other OWASP Events

OWASP International, Upcoming Events

Call for Presentations

OWASP NL Chapter Call For Presentation

Stay in contact:

Meetup-logo-2x.png Join the list.png Follow-us-on-twitter.png Linkedin-button.gif Slack-horizontal.png

Sponsors

Our structural Chapter and OWASP OWASP BeNeLux-Day 2017 sponsor supporters
Interested in Sponsoring the Netherlands OWASP Chapter, email netherlands '@' owasp.org


OWASP Corporate Member:

200x60 netsparker logo.png

OWASP BeNeLux-Day 2017 sponsor:

250px link=https://www.achmea.nl/
Vest.jpg Secwatch_logo_small.png Avi Logo Transparent Background 300pix.png
]
SIG_LOGO.png Secura_logo_small.png Xebia logo-large-transparent.png Logo_Informatiebeveiliging-200.png


Provisional Chapter Event Calendar 2019

Date Type Location
February 8th, 2019 OWASP NL Wiki Amsterdam
June 18th, 2019 OWASP NL Wiki Amsterdam


The Netherlands Chapter is supported by the following board:


Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.

Chapter Sponsoring

OWASP Netherlands is looking for organizations to sponsor our chapter. If you are interested in sponsoring the Netherlands chapter please contact us via email: netherlands 'at' owasp.org.

Donation

If you would like to donate to our chapter, please use the PayPal link at the top of this page.

Thank you!

Call for Speakers

We are continuously looking for speakers.
Presentations: Are you working on an interesting subject, would you like to share your experience with the OWASP community and do you have presentation skills. Please let us know! Any topic related to web application security will be appreciated!
VAC, Vulnerability, Attack, Countermeasure: The VAC is a re occuring part of the chapter meetings. The VAC is a half hour in-depth technical presentation about a vulnerability, how it can be exploited and how to prevent it!
Links: Speaker Agreement Template Interested in presenting at a local chapter meeting, please send an email to: netherlands 'at' owasp.org


Retrieved from "https://wiki.owasp.org/index.php?title=Netherlands&oldid=252064"