This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Minneapolis St Paul"

From OWASP
Jump to: navigation, search
(Agenda October 16)
m (Updated Chapter Leaders)
 
(419 intermediate revisions by 16 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Minneapolis/St. Paul|extra=The chapter leader is Robert Sullivan |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=http://lists.owasp.org/pipermail/owasp-twincities}}
+
__NOTOC__ {{Chapter Template|chaptername=Minneapolis-St. Paul (OWASP MSP)|extra=The chapter leadership [mailto:alex.bauert@owasp.org Alex Bauert].<br>
  
== Local News ==
+
We use [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements and sometimes, depending on the event [https://www.eventbrite.com Eventbrite.com] for RSVP's to organize events and meetings.
  
'''Next meeting: Tuesday, October 16, 6:00pm at Metropolitan State University MNSCU, Minneapolis'''
+
|mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=https://lists.owasp.org/pipermail/owasp-twincities}}
 +
<br><br>
  
== Agenda October 16 ==
+
== Corporate Sponsors  ==
6:00pm - Food, Introduction and optional sign-in for CISSP credits. <br>
+
<!--
6:10pm - GSSP Certification initiative Gov/SANS (Joe Teff)<br>
+
<table border="0">
6:20pm - Continuous Testing (Andre Gironda)<br>
+
<tr><td>
7:05pm – Java Open Review OWASP project (Fredrick Lee)<br>
+
<div style="background:#FFFFFF;padding:10px;width:340px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[[Image:Advance it minnesota logo.png|120px|link=http://advanceitmn.org]] </div>
7:50pm - Book Giveaway: (Secure Programming with Static Analysis)<br>
+
</td>
7:55pm - Upcoming Events
+
<td>
 +
<div style="background:#FFFFFF;padding:10px; width:290px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[[Image:Best Buy logo.jpg|link=http://www.bestbuy.com/]]</div>
 +
</td>
 +
-->
 +
<table border="0">
 +
<tr>
 +
<td>
 +
<div style="background:#FFFFFF;padding:10px; width:290px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;FICO</div>
 +
</td>
 +
</tr>
 +
<table>
 +
<br>
  
 +
= Upcoming Meetings and Events =
 +
== OWASP-MSP Upcoming Chapter Meeting  ==
  
=== Continuous Testing: Andre Gironda ===
+
'''When:''' Reference [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements.
Continuous testing presents methodologies and tools that developers,
+
<!--
quality engineers, and security professionals can all share and use
+
'''Where:'''
effectively to their own unique approach. The tools presented are
+
Ewald Conference Center
cross-discipline, meaning they can be utilized by a developer as a
+
1000 Westgate Drive #252
development tool, by a qa-tester as a quality assurance tool, and by a
+
St. Paul, MN
vulnerability assessor as a security assurance tool.  Whether you're
 
trying to build better code faster, demonstrate the power of automated
 
testing using a data-driven test framework, or find security-related
 
defects - Continuous testing has something for you.
 
=== Java Open Review: OWASP & Fortify ===
 
Fortify has sought to develop a set of metrics that combine lessons learned from our experience working on various enterprise code bases and our work on the Java Open Review project. The metrics are designed to incorporate diverse criteria, including the size of the application, and the types of vulnerabilities identified. The metrics provide a mechanism to rate software components for security concerns and enable enterprises to:
 
- Evaluate which open source projects offer an acceptable level of security
 
- Compare competing open source software solutions based on their security
 
- Measure internal development efforts against open source counterparts
 
  
== Speaker Bios : Andre Gironda ==
+
'''Presentation:''' Red Team
Andre Gironda is an independent security researcher involved mostly in
 
web application security projects. His recent contributions include
 
the OWASP Top Ten 2007, OWASP Tools team, and speaking engagements at
 
local OWASP events on topics ranging from automated scanning tools to
 
problems with trusting the same-origin policy.  Andre has worked for a
 
number of companies in security-qa-developer or network testing roles,
 
including labs deep within Cisco Systems and many years in an
 
operations role at a major online auction site.
 
== Speaker Bios: Fredrick Lee ==
 
Frederick Lee is a member of Fortify Software's Security Research Group, where he manages the Java Open Review Project. Scanning the code of over 100 applications so far, Fredrick is helping assess and improve the security of open source software. Fredrick also helps the Security Research Group develop the secure coding rules that are used to run Fortify's suite of products.
 
Prior to joining Fortify Software, Fredrick was a Senior Information Security Engineer at Bank of America, where he helped roll out a secure development framework, performed security assessments, and developed enterprise security solutions.
 
  
Fredrick graduated from the University of Oklahoma, with a BS in Computer Engineering.
+
'''Presenter:''' Ryan Manship
 +
-->
 +
<!--
 +
'''Not sure if you are a current member?''' [https://docs.google.com/spreadsheets/d/142z7ByBQYMrszB1CGD30UC_XHpVX6zwvrkOgse5VO1Y/edit?usp=sharing Member Directory]
 +
-->
 +
<!--
 +
'''REGISTRATION LINK:''' [https://www.eventbrite.com/e/owasp-msp-september-2016-chapter-meeting-tickets-27533084196 Eventbrite Signup Link for Event]
 +
-->
 +
<!--
 +
== OWASP-MSP Upcoming Chapter meeting  ==
  
== Location: ==
 
  
Metropolitan State University, Minneapolis
+
'''When:''' Wednesday, May 11th @ 6:00 - 8:00 PM
MEC Building, 2nd floor,  Room M2800.
 
  
Check the .pdf map to see which building is the MEC building.
+
'''Title:''' Evil Twin Attack with Wifiphisher
I've waited for a meter (free after 6) but had the best success parking in the ramp, then crossing Hennepin (skyway) then crossing Spruce (street-level) the the MEC building.
 
  
== Directions: ==
+
This presentation will revolve around Wifiphisher, a security tool which automates the process of Evil Twin attack in order to mount fast phishing attacks against Wi-Fi networks. It is an open-source software that is heavily used by the wireless hacking community and comes with
From West: Exit at Lyndale/Hennepin Avenue. Veer right following the Lyndale and Lyndale North signs. Once on Lyndale North, stay in one of the two right lanes until you reach the third stoplight (Hennepin Avenue). Turn right and follow Hennepin to the MCTC parking ramp on the left side of the street.
+
its community-built templates for different phishing scenarios.  
  
From East: I.394 . Exit onto Dunwoody Blvd/Hennepin Avenue (Dunwoody Blvd. changes into Hennepin Avenue). Follow Hennepin to the MCTC parking ramp on the left side of the street.
 
  
From East: I.94 . Exit onto Hennepin /Lyndale Avenue. At the first stoplight (Dunwoody Blvd.), turn left (Dunwoody Blvd. changes into Hennepin Avenue). Follow Hennepin to the MCTC parking ramp on the left side of the street.
+
Common defenses for reducing the associated risk will also be discussed, including Wireless Intrusion Detection & Prevention Systems, 802.1X Port Access Control for robust mutual authentication and security awareness
 +
training.
  
Map here:
+
'''Speaker:''' George Chatzisofroniou (@_sophron) is a security engineer at CENSUS S.A. His research interests include cryptography, Wi-Fi hacking, network security and web security. He is the lead developer of the popular open-source wireless hacking tool "Wifiphisher".
http://www.metrostate.edu/bldgservices/location.html#mpls
 
  
== Book Giveaway: ==
+
'''Location:''' Best Buy - Headquarters 7601 Penn Ave S, Richfield, MN (Use the Visitor parking off Penn and the Visitor Entrance)
  
Thanks to Fortify for supplying a copy of the new book: Securing Software through Static Analysis by Brian Chess and Jacob West. If you have an extra copy of a good security book please bring it. There will be a drawing for any books. You do not need to provide your contact information to win.
+
'''RSVP:'''
  
== Upcoming Events: ==
+
at Eventbrite [http://bit.ly/1TaCKb8]
OWASP Nov 12-15 at eBay in San Jose
 
http://www.owasp.org/index.php/OWASP_%26_WASC_AppSec_2007_Conference<br>
 
Add your event here, Wiki registration is required.<br>
 
Approval of a new Chapter Leader, the passing of the password.
 
  
== Food: ==
+
'''Agenda:''' <br/>
 +
5:30 PM Room opens for networking and CPE signup<br/>
 +
6:00 PM Welcome: OWASP chapter update and Chapter Presentation<br/>
 +
7:45 PM Wrap-up<br/>
 +
-->
 +
<!-- Thank You OWASP Chapter Budget for sponsoring our meeting location. -->
  
The food is provided by Integral Business Solutions. Bring an appetite.
+
<!-- '''Follow''' OWASP MSP on your favorite social media sites:
  
[[Category:OWASP Chapter]]
+
 
 +
[[Image:Linkedin_mini.png|link=http://www.linkedin.com/groupInvitation?groupID=2184116]]
 +
[[Image:Twitter_mini.png|link=http://twitter.com/owaspmsp]] [[Image:Facebook_mini.png|link=http://www.facebook.com/pages/OWASP-Minneapolis-St-Paul-OWASP-MSP-OWASPMSP/113583361381]]
 +
 
 +
<br> -->
 +
 
 +
 
 +
 
 +
<!-- = Media and Documents = -->
 +
<!--
 +
Videos of past meetings are available at the [[OWASPMSP Videos]] node, the [http://vimeo.com/channels/owaspmsp OWASP MSP Vimeo Channel], and [http://vimeo.com/owasp http://vimeo.com/owasp].
 +
-->
 +
<!-- === Content  === -->
 +
 
 +
 
 +
 
 +
<!-- You can find our Chapter Videos at https://vimeo.com/user56799697 -->
 +
 
 +
 
 +
 
 +
<!--
 +
Igor Matlin - Warning: Security Storms are Brewing in Your JavaScript - OWASP (MSP) - May 2015
 +
 
 +
Gene Kim - Rugged DevOps - OWASP (MSP) - 7 November 2011 (61 minutes) [http://vimeo.com/36342207 Vimeo Video]
 +
 
 +
Michael Coates - Attack Aware Applications (AppSensor) - OWASP (MSP) - 18 April 2011 (75 minutes) [https://owasp.webex.com/owasp/ldr.php?AT=pb&SP=MC&rID=87764002&rKey=14191b8f8c73dabc WebEx Replay]
 +
 
 +
Dan Cornell - Smart Phones, Dumb Apps - OWASP (MSP) - 7 December 2010 (93 minutes) [http://vimeo.com/17692646 Vimeo Video]
 +
 
 +
Gunnar Peterson - Audit Logging Done Right - OWASP (MSP) - 20 September 2010 (55 minutes) [http://vimeo.com/15423426 Vimeo Video]
 +
 
 +
Dinis Cruz - How OWASP Works - OWASP (MSP) - 10 August 2010 (55 minutes) [http://vimeo.com/14343350 Vimeo Video]
 +
 
 +
Dinis Cruz - O2 - OWASP (MSP) - 10 August 2010 (110 minutes) [http://vimeo.com/14392060 Vimeo Video]
 +
-->
 +
 
 +
= Security Associates =
 +
 
 +
=== Secure360  ===
 +
 
 +
[http://www.secure360.org/ Secure360] is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital.
 +
 
 +
=== DC612 Meetings  ===
 +
 
 +
DC612 meets the 2nd Thursday of the month.<br> [http://www.dc612.org/ http://www.dc612.org/]
 +
= Chapter Contacts =
 +
[mailto:[email protected] Alex Bauert] and
 +
  [mailto:[email protected] Todd Dahl].
 +
<!--
 +
'''Leadership Team:''' [mailto:[email protected] Lorna Alamri]
 +
-->
 +
 
 +
<headertabs />
 +
 
 +
{{Social Media Links}}
 +
 
 +
[[Category:Minnesota]]

Latest revision as of 19:30, 5 December 2019

OWASP Minneapolis-St. Paul (OWASP MSP)

Welcome to the Minneapolis-St. Paul (OWASP MSP) chapter homepage. The chapter leadership Alex Bauert.

We use Meetup.com for announcements and sometimes, depending on the event Eventbrite.com for RSVP's to organize events and meetings. 


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG



Corporate Sponsors

      FICO

OWASP-MSP Upcoming Chapter Meeting

When: Reference Meetup.com for announcements.






Secure360

Secure360 is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital.

DC612 Meetings

DC612 meets the 2nd Thursday of the month.
http://www.dc612.org/