This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "EUTour2013 Finland Agenda"
(Created page with "<noinclude>{{:EUTour2013 header}}</noinclude> {|style="vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;" align="center" cellspacing=...") |
|||
(17 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
| align="center" style="background:#EEEEEE;" colspan="2" | | | align="center" style="background:#EEEEEE;" colspan="2" | | ||
== '''OWASP Europe Tour - Finland 2013''' == | == '''OWASP Europe Tour - Finland 2013''' == | ||
− | ''' | + | '''Monday 17th June''' ''(Conference)'' <br> |
|- | |- | ||
| valign="center" bgcolor="#CCCCEE" align="center" colspan="2" | '''DESCRIPTION''' | | valign="center" bgcolor="#CCCCEE" align="center" colspan="2" | '''DESCRIPTION''' | ||
Line 27: | Line 27: | ||
|- | |- | ||
| align="center" style="background:#4B0082;" colspan="2" | <span style="color:#ffffff"> | | align="center" style="background:#4B0082;" colspan="2" | <span style="color:#ffffff"> | ||
− | '''CONFERENCE (Monday 17th | + | '''CONFERENCE (Monday 17th June)''' </span> |
|- | |- | ||
|- | |- | ||
− | | style="width:20%" valign="middle" bgcolor="#CCCCEE" align="center" colspan="0" | ''' | + | | style="width:20%" valign="middle" bgcolor="#CCCCEE" align="center" colspan="0" | '''When''' |
− | | style="width:80%" valign="middle" bgcolor="#CCCCEE" align="center" colspan="0" | ''' | + | | style="width:80%" valign="middle" bgcolor="#CCCCEE" align="center" colspan="0" | '''Where''' |
|- | |- | ||
| valign="middle" bgcolor="#EEEEEE" align="center" | ''' Monday 17th June ''' | | valign="middle" bgcolor="#EEEEEE" align="center" | ''' Monday 17th June ''' | ||
| valign="middle" bgcolor="#EEEEEE" align="left" | '''Venue Location: HTC Keilaniemi<br> | | valign="middle" bgcolor="#EEEEEE" align="left" | '''Venue Location: HTC Keilaniemi<br> | ||
Venue Address: Keilaranta 15<br> 02150 Espoo'''<br> | Venue Address: Keilaranta 15<br> 02150 Espoo'''<br> | ||
− | Venue Map: [https://maps.google.fi/maps?q=keilaranta+15&hl=en&sll=60.178512,24.835169&sspn=0.008174,0.02429&hnear=Keilaranta+15,+Espoo&t=m&z=16] | + | Venue Map: [https://maps.google.fi/maps?q=keilaranta+15&hl=en&sll=60.178512,24.835169&sspn=0.008174,0.02429&hnear=Keilaranta+15,+Espoo&t=m&z=16 map] |
|- | |- | ||
| align="center" style="background:#CCCCEE;" colspan="2" | '''Price and registration''' | | align="center" style="background:#CCCCEE;" colspan="2" | '''Price and registration''' | ||
|- | |- | ||
| align="center" style="background:#EEEEEE;" colspan="2" | This event is '''FREE''' <br> | | align="center" style="background:#EEEEEE;" colspan="2" | This event is '''FREE''' <br> | ||
− | '''Registration Link to the Europe Tour - Finland''': [ | + | '''Registration Link to the Europe Tour - Finland''': [http://www.regonline.com/owaspeutourfinland Regonline]'''<br> |
<br> | <br> | ||
|- | |- | ||
Line 69: | Line 69: | ||
| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | | style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | ||
|- | |- | ||
− | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:45<br>( | + | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:45<br>(30 mins followed by 15 min break) |
− | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Nokia responsible disclosure program |
− | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Omar Benbouazza-Villa |
− | | style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Nokia has launched responsible disclosure program recently. Omar will talk about experiences starting and running such a program as a part of enterprise application security program. Common errors, solutions and best practices will be explained to help other companies to improve their security with this type of programs. |
|- | |- | ||
− | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 17:30<br>(1 hour 30 mins) |
− | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Social engineering |
− | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Gavin Ewan |
− | | style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Jac0byterebel is not your typical social engineering presenter. Out goes the snake oil sale of analysing the minutia of pop psychology and trying to squeeze out real answers to the questions asked during a real social engineering attack. In comes hard hitting accounts of social engineering attacks drawn from real sources but anonymised to protect the pwned. |
|- | |- | ||
− | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | | + | | style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 19:00 <br>(15 min) |
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Rounding up | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Rounding up | ||
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Petteri Arola | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Petteri Arola | ||
− | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Conclusions and last questions | + | | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Conclusions and last questions. Discussion continues over food & drinks at same location |
|} | |} | ||
<br><br> | <br><br> | ||
+ | == Abstract == | ||
+ | Omar's presentation: | ||
+ | |||
+ | Nokia has launched responsible disclosure program recently. Omar will talk about experiences starting and running such a program as a part of enterprise application security program. Common errors, solutions and best practices will be explained to help other companies to improve their security with this type of programs. | ||
+ | |||
+ | Gavin's presentation: | ||
+ | |||
+ | Jac0byterebel is not your typical social engineering presenter. Out goes the snake oil sale of analysing the minutia of pop psychology and trying to squeeze out real answers to the questions asked during a real social engineering attack. In comes hard hitting accounts of social engineering attacks drawn from real sources but anonymised to protect the pwned. | ||
+ | |||
+ | Deano, our ‘hypothetical’ bad-guy, could hack and social engineer his way to cash in his pocket and no cash in your pocket. Easy, boring, predictable. But what if Deano, a criminal social engineer, really upped his game? | ||
+ | |||
+ | This talk will see Deano up the stakes and deliver the kind of aggressive attack you have all lived in fear of. No longer a phone call to get your credentials, or a rogue e-mail to direct you to a fake website, this time its personal and Deano is looking to do you REAL damage. | ||
+ | |||
+ | Drawing on real data from anonymised sources, from the account given of this attack, attendees of the talk will see that a real social engineer doesn’t once pick up a psychology textbook. Deano will instead pose you a question - | ||
+ | |||
+ | “What if Deano could destroy my business without anyone realising it had been attacked?” | ||
+ | |||
+ | Live in fear of Hactivism? You won’t sleep at night after meeting Deano. | ||
+ | |||
+ | If you want an hour and a half of being told that ‘looking to the right makes you easier to social engineer’, go to another talk. If you want to see how the real bad guy operates, and talk about how to defend against him, then I look forward to seeing you there.. | ||
+ | |||
== Bio == | == Bio == | ||
− | + | Omar | |
+ | |||
+ | Omar Benbouazza is a spanish hacker working in the Nokia Incident Response Team, as a Senior Security Analyst. He has been working in Security Information the last 8 years and has big experience in international companies such as Telefonica, Ernst&Young, Santander Bank and now Nokia. He is also organizer of the most important security conference in Spain, RootedCON. | ||
+ | |||
+ | Gavin Ewan | ||
+ | |||
+ | Gavin 'Jac0byterebel' Ewan is a ranty, shouty, sweary Scottish hacker. After selling lots of things to lots of people, he decided to get firmly into the field of information security, always having been a geek at heart. Having taken his education and training in psychology, particularly sales psychology into the field of social engineering, he is now re-writing the social engineering rulebook and chasing out the snake-oil salesmen. Already a successful speaker, Gavin has delivered talks on social engineering worldwide to various audiences. |
Latest revision as of 13:04, 10 June 2013
|
OWASP EUROPE TOUR 2013 Tour Home Page |
CONFERENCE | |
OWASP Europe Tour - Finland 2013Monday 17th June (Conference) | |
DESCRIPTION | |
OWASP Europe TOUR, is an event across the European region that promotes awareness about application security, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
| |
OWASP MEMBERSHIP | |
During the OWASP Europe Tour you could become a member and support our mission. |
CONFERENCE (Monday 17th June) | |
When | Where |
Monday 17th June | Venue Location: HTC Keilaniemi Venue Address: Keilaranta 15 |
Price and registration | |
This event is FREE Registration Link to the Europe Tour - Finland: Regonline
|
Conference Details | |||||
Time | Title | Speaker | Description | ||
16:00 (15 mins) |
Registration & coffee | ||||
16:15 (15 mins) |
Welcome | Petteri Arola | OWASP in Finland | ||
16:30 (15 mins) |
Word from our sponsor | ||||
16:45 (30 mins followed by 15 min break) |
Nokia responsible disclosure program | Omar Benbouazza-Villa | Nokia has launched responsible disclosure program recently. Omar will talk about experiences starting and running such a program as a part of enterprise application security program. Common errors, solutions and best practices will be explained to help other companies to improve their security with this type of programs. | ||
17:30 (1 hour 30 mins) |
Social engineering | Gavin Ewan | Jac0byterebel is not your typical social engineering presenter. Out goes the snake oil sale of analysing the minutia of pop psychology and trying to squeeze out real answers to the questions asked during a real social engineering attack. In comes hard hitting accounts of social engineering attacks drawn from real sources but anonymised to protect the pwned. | ||
19:00 (15 min) |
Rounding up | Petteri Arola | Conclusions and last questions. Discussion continues over food & drinks at same location |
Abstract
Omar's presentation:
Nokia has launched responsible disclosure program recently. Omar will talk about experiences starting and running such a program as a part of enterprise application security program. Common errors, solutions and best practices will be explained to help other companies to improve their security with this type of programs.
Gavin's presentation:
Jac0byterebel is not your typical social engineering presenter. Out goes the snake oil sale of analysing the minutia of pop psychology and trying to squeeze out real answers to the questions asked during a real social engineering attack. In comes hard hitting accounts of social engineering attacks drawn from real sources but anonymised to protect the pwned.
Deano, our ‘hypothetical’ bad-guy, could hack and social engineer his way to cash in his pocket and no cash in your pocket. Easy, boring, predictable. But what if Deano, a criminal social engineer, really upped his game?
This talk will see Deano up the stakes and deliver the kind of aggressive attack you have all lived in fear of. No longer a phone call to get your credentials, or a rogue e-mail to direct you to a fake website, this time its personal and Deano is looking to do you REAL damage.
Drawing on real data from anonymised sources, from the account given of this attack, attendees of the talk will see that a real social engineer doesn’t once pick up a psychology textbook. Deano will instead pose you a question -
“What if Deano could destroy my business without anyone realising it had been attacked?”
Live in fear of Hactivism? You won’t sleep at night after meeting Deano.
If you want an hour and a half of being told that ‘looking to the right makes you easier to social engineer’, go to another talk. If you want to see how the real bad guy operates, and talk about how to defend against him, then I look forward to seeing you there..
Bio
Omar
Omar Benbouazza is a spanish hacker working in the Nokia Incident Response Team, as a Senior Security Analyst. He has been working in Security Information the last 8 years and has big experience in international companies such as Telefonica, Ernst&Young, Santander Bank and now Nokia. He is also organizer of the most important security conference in Spain, RootedCON.
Gavin Ewan
Gavin 'Jac0byterebel' Ewan is a ranty, shouty, sweary Scottish hacker. After selling lots of things to lots of people, he decided to get firmly into the field of information security, always having been a geek at heart. Having taken his education and training in psychology, particularly sales psychology into the field of social engineering, he is now re-writing the social engineering rulebook and chasing out the snake-oil salesmen. Already a successful speaker, Gavin has delivered talks on social engineering worldwide to various audiences.