Difference between revisions of "Slovenia"
| Line 2: | Line 2: | ||
|chaptername=Slovenia | |chaptername=Slovenia | ||
|extra=The chapter leader is [mailto:[email protected] Stanka Salamun]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Slovenia | |extra=The chapter leader is [mailto:[email protected] Stanka Salamun]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Slovenia | ||
| − | + | }} | |
| − | |||
<!-- <paypal>Slovenia</paypal> <br><br> --> | <!-- <paypal>Slovenia</paypal> <br><br> --> | ||
<paypal>Slovenia</paypal> <br><br> | <paypal>Slovenia</paypal> <br><br> | ||
| − | + | ||
| − | <font color= | + | ---- |
| − | OWASP (Open Web Application Security Project) je odprta, globalna, brezplačna in neprofitna skupnost, ki se posveča dvigovanju varnostnega nivoja programske opreme. <br><br> | + | |
| − | + | <font color="#0000ff">OWASP (Open Web Application Security Project) je odprta, globalna, brezplačna in neprofitna skupnost, ki se posveča dvigovanju varnostnega nivoja programske opreme. <br><br></font><br><br> | |
| + | |||
Poslanstvo OWASP je seznanjanje in osveščanje javnosti o pomembnosti aplikacijske varnosti in primernih načinih zavarovanja. Posameznikom in organizacijam želimo omogočiti, da glede dejanskih varnostnih tveganj programske opreme sprejemajo informirane odločitve. <br><br> | Poslanstvo OWASP je seznanjanje in osveščanje javnosti o pomembnosti aplikacijske varnosti in primernih načinih zavarovanja. Posameznikom in organizacijam želimo omogočiti, da glede dejanskih varnostnih tveganj programske opreme sprejemajo informirane odločitve. <br><br> | ||
| − | Skupnosti OWASP se lahko pridruži kdorkoli. Vsa gradiva so dostopna z uporabo brezplačne licence. Fundacija OWASP zagotavlja razpoložljivost in podporo delovanja s pomočjo posameznikov, organizacij in akademskih institucij. | + | Skupnosti OWASP se lahko pridruži kdorkoli. Vsa gradiva so dostopna z uporabo brezplačne licence. Fundacija OWASP zagotavlja razpoložljivost in podporo delovanja s pomočjo posameznikov, organizacij in akademskih institucij. |
| − | |||
| − | == Join OWASP SLovenia == | + | == Join OWASP SLovenia == |
| − | If you want to join us please use the form: OWASP Slovenia: https://lists.owasp.org/mailman/listinfo/owasp-Slovenia | + | If you want to join us please use the form: OWASP Slovenia: https://lists.owasp.org/mailman/listinfo/owasp-Slovenia |
| − | == News == | + | == News == |
| − | === OWASP Slovenia at OTS 2010 conference === | + | === OWASP Slovenia at OTS 2010 conference === |
| − | Free tickets: http://owaspsloots2010.eventbrite.com | + | Free tickets: http://owaspsloots2010.eventbrite.com |
| + | <br>I am glad to announce that this year OWASP Slovenia Chapter is taking care of the Appsec section at OTS 2010 conference (http://cot.uni-mb.si/ots2010/Program.html). | ||
| − | + | On June 16th, at 16:15, we will proudly present the following topics: | |
| − | |||
| − | On June 16th, at 16:15, we will proudly present the following topics: | ||
| + | <br> | ||
- Marko Hölbl: Pasti pri vgradnji kriptografije v aplikacijski svet | - Marko Hölbl: Pasti pri vgradnji kriptografije v aplikacijski svet | ||
| − | - Milan Gabor: Slovenske spletne aplikacije imajo »TALENT« | + | - Milan Gabor: Slovenske spletne aplikacije imajo »TALENT« |
- Jure Škofič: "Race condition" - Ko želva stavi na srečo, zajec pa na "symlink" napad | - Jure Škofič: "Race condition" - Ko želva stavi na srečo, zajec pa na "symlink" napad | ||
- Edvard Šilc: Telesni skenerji na slovenskih letališčih | - Edvard Šilc: Telesni skenerji na slovenskih letališčih | ||
| − | + | <br>At the same day OWASP Slovenia members are also kindly invited to attend the OTS 2010 from 13.30, with no charge: at 13:30 there will be a very interesting keynote (in English), presented by Robin Wilton, titled "What's the value of your Digital Identity". At 14:30 there will be a section "Izmenjava, hramba in obdelava podatkov". Please bring your free "Eventbrite" ticket with you (http://owaspsloots2010.eventbrite.com)! | |
| − | At the same day OWASP Slovenia members are also kindly invited to attend the OTS 2010 from 13.30, with no charge: at 13:30 there will be a very interesting keynote (in English), presented by Robin Wilton, titled "What's the value of your Digital Identity". | ||
| + | <br> | ||
| − | == Future meeting schedule == | + | == Future meeting schedule == |
| − | * Jun 16 2010: OTS 2010 (Maribor), OWASP Application Security Session (free tickets: http://owaspsloots2010.eventbrite.com) | + | *Jun 16 2010: OTS 2010 (Maribor), OWASP Application Security Session (free tickets: http://owaspsloots2010.eventbrite.com) |
| − | * Sep 2010: Ljubljana | + | *Sep 2010: Ljubljana |
| − | == Meeting Locations == | + | == Meeting Locations == |
| − | ===L1: Maribor === | + | === L1: Maribor === |
| − | + | '''Location:''' UNIVERSITY OF MARIBOR, Faculty of Electrical Engineering and Computer Science (FERI), Smetanova 16, 2000 Maribor | |
| + | <br>Classroom G2-P2 BETA (entrance from Koroška cesta) | ||
| − | + | '''When:''' June 16, 2010, at 16:15<br> | |
| − | |||
| − | |||
| − | |||
| − | |||
| + | <br> | ||
<br><br> | <br><br> | ||
| − | ===L2: Ljubljana === | + | === L2: Ljubljana === |
| − | + | '''Location:''' HERMES SoftLab, Litijska 51, Ljubljana, room "Postojnska jama" <br> | |
| + | <br>'''When:''' September 2010 <br> | ||
| − | + | == How Can You Help? == | |
| − | + | If you can help and would like to raise the visibility of application security in your company by supporting our 100% volunteer efforts, simply contact Chapter Leader. <br><br> | |
| − | + | <br>To be a SPEAKER at a future meeting simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on. | |
| − | <br> | ||
| − | |||
| − | |||
| − | To be a SPEAKER at a future meeting simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on. | ||
<br> | <br> | ||
| − | |||
| − | == | + | == Meeting Archive == |
| − | Ljubljana, Thursday, Feb 25 2010, 16:00 | + | === Ljubljana Premiere: Ljubljana, Thursday, Feb 25 2010, 16:00 === |
| − | |||
| + | Ljubljana, Thursday, Feb 25 2010, 16:00 HERMES SoftLab d.o.o., Litijska 51, Ljubljana, classroom "Postojnska jama". | ||
| − | <font color= | + | <br><font color="#008000">Drink and snacks were kindly provided by our host, '''HERMES SoftLab'''.</font> |
| + | <br><big><br>'''Agenda: <br>'''</big> | ||
| − | + | *[[Media:OWASP_Slovenia_introduction_LJ_slides.pdf|Introduction to OWASP (Slides)]] | |
| − | + | *Tadej Vodopivec, HERMES SoftLab: '''Who's drinking, who's paying ...''' for web application security? | |
| − | |||
| − | * Tadej Vodopivec, HERMES SoftLab: | ||
| − | |||
| − | |||
| + | <font color="#0000ff">'''Kdo pije, kdo plača... '''za varnost spletnih aplikacij? </font>[[Media:OWASP_TadejVodopivec_SDL.pdf|(Slides)]] | ||
| + | <br> | ||
| + | <br> | ||
Nekoliko podrobneje se bomo spustili v primer življenskega cikla razvoja spletnih aplikacij, ki nam ponuja | Nekoliko podrobneje se bomo spustili v primer življenskega cikla razvoja spletnih aplikacij, ki nam ponuja | ||
| Line 107: | Line 100: | ||
Pogledali si bomo priporočila, kako odgovorno ravnati, da bo vložek v varnost čim učinkoviteje izkoriščen. | Pogledali si bomo priporočila, kako odgovorno ravnati, da bo vložek v varnost čim učinkoviteje izkoriščen. | ||
| + | <br>On special request we will repeat one of our lectures: | ||
| − | + | *Luka Treiber, ACROS: '''"White Hat" confession: '''How I got that precious file from your computer (demo) | |
| − | * Luka Treiber, ACROS: | ||
| − | |||
| + | <font color="#0000ff">'''Izpoved "white hat" hekerja: '''Kako sem dobil tisto dragoceno datoteko z vašega računalnika (demo) [[Media:OWASP_LukaTreiber_Whitehack.pdf|Slides]] </font> | ||
| + | <br> | ||
Ali se vam zdi vaš spletni brskalnih včasih muhast? Imata zapleten, neiskren odnos? | Ali se vam zdi vaš spletni brskalnih včasih muhast? Imata zapleten, neiskren odnos? | ||
| Line 128: | Line 122: | ||
Ali je res, da imate spletni brskalnik zato, da z njim brskate po spletu? | Ali je res, da imate spletni brskalnik zato, da z njim brskate po spletu? | ||
Ali da splet brska po vašem računalniku? | Ali da splet brska po vašem računalniku? | ||
| − | Odgovore pozna vaš »white hat« heker. | + | Odgovore pozna vaš »white hat« heker. |
<br><br> | <br><br> | ||
| − | === Initial meeting: Maribor, Wednesday, Jan 27 2010, 16:00 === | + | === Initial meeting: Maribor, Wednesday, Jan 27 2010, 16:00 === |
| − | University of Maribor, FERI (classroom G2-P2 BETA), Smetanova 16, 2000 Maribor | + | University of Maribor, FERI (classroom G2-P2 BETA), Smetanova 16, 2000 Maribor |
| − | <font color= | + | <font color="#008000">Drink and snacks were kindly provided by '''Laboratorij za podatkovne tehnologije''' from FERI, UM.</font> |
| + | <br><big><br>'''Agenda: <br>'''</big> | ||
| − | + | *dr. Mitja Lenič, NKBM: '''The challenges of securing application settings and infrastructure data''' | |
| − | + | <font color="#0000ff">Izzivi varovanja aplikacijskih nastavitev in infrastrukturnih podatkov </font>([[Media:OWASP-Lenic-Final.pdf|slides]]) | |
| − | |||
| − | <font color= | ||
| + | <br> | ||
| − | * Luka Treiber, ACROS: | + | *Luka Treiber, ACROS: '''"White Hat" confession: How I got that precious file from your computer '''(demo) |
| − | |||
| + | <font color="#0000ff">Izpoved "white hat" hekerja: Kako sem dobil tisto dragoceno datoteko z vašega računalnika (demo)</font> | ||
| − | Reviji Sistem se zahvaljujemo za objavo novice o ustanovitvi OWASP, Chapter Slovenija. | + | <br>Reviji Sistem se zahvaljujemo za objavo novice o ustanovitvi OWASP, Chapter Slovenija. |
Revision as of 10:32, 2 June 2010
Contents
OWASP Slovenia
Welcome to the Slovenia chapter homepage. The chapter leader is Stanka Salamun
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
<paypal>Slovenia</paypal>
OWASP (Open Web Application Security Project) je odprta, globalna, brezplačna in neprofitna skupnost, ki se posveča dvigovanju varnostnega nivoja programske opreme.
Poslanstvo OWASP je seznanjanje in osveščanje javnosti o pomembnosti aplikacijske varnosti in primernih načinih zavarovanja. Posameznikom in organizacijam želimo omogočiti, da glede dejanskih varnostnih tveganj programske opreme sprejemajo informirane odločitve.
Skupnosti OWASP se lahko pridruži kdorkoli. Vsa gradiva so dostopna z uporabo brezplačne licence. Fundacija OWASP zagotavlja razpoložljivost in podporo delovanja s pomočjo posameznikov, organizacij in akademskih institucij.
Join OWASP SLovenia
If you want to join us please use the form: OWASP Slovenia: https://lists.owasp.org/mailman/listinfo/owasp-Slovenia
News
OWASP Slovenia at OTS 2010 conference
Free tickets: http://owaspsloots2010.eventbrite.com
I am glad to announce that this year OWASP Slovenia Chapter is taking care of the Appsec section at OTS 2010 conference (http://cot.uni-mb.si/ots2010/Program.html).
On June 16th, at 16:15, we will proudly present the following topics:
- Marko Hölbl: Pasti pri vgradnji kriptografije v aplikacijski svet - Milan Gabor: Slovenske spletne aplikacije imajo »TALENT« - Jure Škofič: "Race condition" - Ko želva stavi na srečo, zajec pa na "symlink" napad - Edvard Šilc: Telesni skenerji na slovenskih letališčih
At the same day OWASP Slovenia members are also kindly invited to attend the OTS 2010 from 13.30, with no charge: at 13:30 there will be a very interesting keynote (in English), presented by Robin Wilton, titled "What's the value of your Digital Identity". At 14:30 there will be a section "Izmenjava, hramba in obdelava podatkov". Please bring your free "Eventbrite" ticket with you (http://owaspsloots2010.eventbrite.com)!
Future meeting schedule
- Jun 16 2010: OTS 2010 (Maribor), OWASP Application Security Session (free tickets: http://owaspsloots2010.eventbrite.com)
- Sep 2010: Ljubljana
Meeting Locations
L1: Maribor
Location: UNIVERSITY OF MARIBOR, Faculty of Electrical Engineering and Computer Science (FERI), Smetanova 16, 2000 Maribor
Classroom G2-P2 BETA (entrance from Koroška cesta)
When: June 16, 2010, at 16:15
L2: Ljubljana
Location: HERMES SoftLab, Litijska 51, Ljubljana, room "Postojnska jama"
When: September 2010
How Can You Help?
If you can help and would like to raise the visibility of application security in your company by supporting our 100% volunteer efforts, simply contact Chapter Leader.
To be a SPEAKER at a future meeting simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Meeting Archive
Ljubljana Premiere: Ljubljana, Thursday, Feb 25 2010, 16:00
Ljubljana, Thursday, Feb 25 2010, 16:00 HERMES SoftLab d.o.o., Litijska 51, Ljubljana, classroom "Postojnska jama".
Drink and snacks were kindly provided by our host, HERMES SoftLab.
Agenda:
- Tadej Vodopivec, HERMES SoftLab: Who's drinking, who's paying ... for web application security?
Kdo pije, kdo plača... za varnost spletnih aplikacij? (Slides)
Nekoliko podrobneje se bomo spustili v primer življenskega cikla razvoja spletnih aplikacij, ki nam ponuja številne možnosti za varnostne spodrsljaje različnih vrst. Dotaknili se bomo tudi poslovnih odnosov med deležniki – naročniki, izvajalci, skupnostjo in drugimi, ki sodelujejo pri nastajanju spletne aplikacije. S tem bomo poglobili svoje razumevanje dejstva, da je naravno stanje spletne aplikacije ne-varnost in spoznanje, da je varnost spletne aplikacije posledica dodatnega napora, ki ga mora nekdo plačati (ali darovati). Pogledali si bomo priporočila, kako odgovorno ravnati, da bo vložek v varnost čim učinkoviteje izkoriščen.
On special request we will repeat one of our lectures:
- Luka Treiber, ACROS: "White Hat" confession: How I got that precious file from your computer (demo)
Izpoved "white hat" hekerja: Kako sem dobil tisto dragoceno datoteko z vašega računalnika (demo) Slides
Ali se vam zdi vaš spletni brskalnih včasih muhast? Imata zapleten, neiskren odnos? Morda pa raje pošilja podatke kot pa jih prejema. Sploh veste, kaj počne vaš spletni brskalnik? Brska. Kje brska? Za vašim hrbtom. Obstaja vsaj 5 razlogov, zakaj lahko posumite, da vas vaš spletni brskalnik vara: 5: sistemski dnevnik je prazen ali pa dolgočasen, 4: vaš antivirus se oglaša le med posodobitvami, 3: ničesar ne sumite, 2: za božič so se vam izpolnile vse želje, čeprav ste pozabili poslati seznam, 1: v lanskem letu ste brskali po spletu. Ali je res, da imate spletni brskalnik zato, da z njim brskate po spletu? Ali da splet brska po vašem računalniku? Odgovore pozna vaš »white hat« heker.
Initial meeting: Maribor, Wednesday, Jan 27 2010, 16:00
University of Maribor, FERI (classroom G2-P2 BETA), Smetanova 16, 2000 Maribor
Drink and snacks were kindly provided by Laboratorij za podatkovne tehnologije from FERI, UM.
Agenda:
- dr. Mitja Lenič, NKBM: The challenges of securing application settings and infrastructure data
Izzivi varovanja aplikacijskih nastavitev in infrastrukturnih podatkov (slides)
- Luka Treiber, ACROS: "White Hat" confession: How I got that precious file from your computer (demo)
Izpoved "white hat" hekerja: Kako sem dobil tisto dragoceno datoteko z vašega računalnika (demo)
Reviji Sistem se zahvaljujemo za objavo novice o ustanovitvi OWASP, Chapter Slovenija.
