Difference between revisions of "Belgium"

Revision as of 22:14, 4 February 2009

OWASP Belgium

Welcome to the Belgium chapter homepage. The chapter leader is Sebastien Deleersnyder

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

<paypal>Belgium</paypal>

Coming up: a new season of Belgium chapter meetings!

Chapter Board

The BeLux Chapter is supported by the following board:

• Erwin Geirnaert, Zion Security
• Philippe Bogaerts, NetAppSec
• André Mariën, Inno.com
• Lieven Desmet, K.U.Leuven
• Joël Quinet, Telindus
• Sebastien Deleersnyder, Telindus

Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.

Structural Sponsors 2008-2009

OWASP BeLux would like to thank the following organizations for sponsoring this chapter. If you are interested in sponsoring the Belgium chapter please contact seba 'at' owasp.org .

Next Meeting (Feb-4-2009) in Brussels

WHEN

Wednesday, February 4th, 2009 (18h00pm-21h00pm)

WHERE

Location is sponsored by Ernst&Young's Information Security Team.
address: De Kleetlaan 2, 1831 Diegem (Route + Google Maps)

PROGRAM

The agenda:

• 18h00 - 18h30: Welcome & Refreshments
  
• 18h30 - 18h40: OWASP Update (by Sebastien Deleersnyder, Telindus, OWASP Board)
  
• 18h40 - 19h30: Best Practices Guide Web Application Firewalls (by Alexander Meisel, CTO and founder of Art of Defence)
  

Presentation + discussion: the OWASP German chapter has put together a paper to give a better understanding in how and where Web Application Firewalls should be used.

Alexander Meisel is CTO and founder of art of defence. He is in charge of product development, professional services and support. His interest and expertise in the area of security dates back to his thesis in which he wrote about avoiding and tracing distributed denial-of-service attacks. He worked for a Swiss IT service provider as a Web security expert; later he joined LINX, Europe’s largest Internet exchange, where he took care of member network security issues. After working for three years as a senior consultant designing and implementing large Web farms, including security audits with a leading producer of web servers, Alexander switched to a SPX Corporation company, where he was the main project manager for Web application solutions in the SAP area.

• 19h30 - 20h00: I thought you were my friend - Evil Markup, browser issues and other obscurities (by Mario Heiderich)
  

Presentation: This talk is a preview of the upcoming Poland talk (still in selection process). The talk will cover a short exegesis of how and where browser vendors talk about security - and what can be seen from a security professionals perspective. The ratio between the growth of new browser technologies and the amount of time for developers to learn working with them could turn out to be a problem - especially when knowing that todays browsers support a vast amount of lost treasures. Amongst them various XML quirks, data islands, SVG fonts etc. which make it hard to protect rich web applications. Surprising but true: several of the most recent in-the-wild browser exploits were possible due to those legacy features like the IE6-8 code execution flaw. Reason enough to dive into a collection of weird techniques and standards exposing attack vectors and scenarios that WAF systems and filters might have some trouble with. The talk also shows some issues regarding IE8 and Opera 10 - as well as current Firefox versions. The conclusion of the talk features an overview of what we can expect during the next months, ways for developers and related parties to deal with those security risks.

Mario Heiderich, is a cologne based CTO for an online enterprise based in Cologne and New York. He was visitor and speaker on several OWASP conferences, maintains the PHPIDS and other security related projects and recently authored a German book on Web Security together with Christian Matthies, fukami and Johannes Dahse. He is currently into browser security and digging the HTML5 specifications.

• 20h00 - 20h10: Break
• 20h10 - 21h00: Research on Belgian bank trojan attacks (by Richard Bennett, software consultant)
  

Presentation + discussion: Richard will present results of his research on trojans attacking customers of Belgian banks.

The paper summarizes the following aspects:

• What are these 'Banking Trojans'?
• Who creates them and why?
• What kind of infrastructure are they using?
• Which banks and organizations are they targeting?
• How do these trojans affect the target PC, and how are they spread?
• How can they be detected and removed?
• What are the risks to banking and e-commerce?
• What are the CBFA's updated 2009 recommendations, and do they make sense?
• How can we further mitigate this risk?

It is quite a high-level paper aimed to be used as input and context during a risk-analysis.

The PDF will be made available shortly.

Richard_Bennett is an OWASP member and consultant with Elmos NV, currently working for a Belgian business bank as test and QA engineer.

REGISTRATION

Please send a mail to Belgium 'at' owasp.org if you plan to attend, so we can size the venue appropriately and keep you updated on last-minute changes.

Previous Meeting (Nov-17-2008) in Brussels (event with ISSA)

WHEN

Monday, November 17th, 2008 (18h00pm-21h00pm)

WHERE

Location was sponsored by Isabel, the catering was sponsored by ISSA

address:
Isabel S.A./NV
Putterijstraat 22 Rue de la Putterie,
1000 Brussels
Routemap: Route
Google Maps Link

PROGRAM

The agenda:

• 18h00 - 18h30: Welcome & Refreshments
  
• 18h30 - 19h00: OWASP / ISSA introduction (by Philippe Bogaerts, OWASP Belgium and Bart Moerman, ISSA Brussels-European Chapter)
  
• 19h00 - 20h00: Risky PDF (by Didier Stevens, Contraste Europe)
  

download presentation

Presentation + discussion: The Portable Document Format (PDF) is a file format created by Adobe for document exchange. The extensive features of this powerful page description language offer opportunities for malicious use. Using this file format exposes your organisation to particular security risks. SPAM and malware using PDF as a vector are not the sole risks that the Portable Document Format brings you. Lesser-known risks include phishing, information disclosure and copyright infringement. After a brief introduction to the structure of a PDF document, we will discuss the many risks associated with PDFs and show how to mitigate said risks.

Didier Stevens Didier Stevens (CISSP, GSSP-C, MCSE/Security, ...) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company. Didier blogs at http://blog.didierstevens.com

• 20h00 - 21h00: .NET Rootkits - Backdoors Inside Your Framework (by Erez Metula, 2BSecure)
  

download presentation

Presentation + discussion: It is considered relatively easy to reverse engineer compiled .NET EXE's and DLL's. This is a well known fact. But what happens if we will use this fact to reverse engineer and modify .NET Framework DLL's and recompile the code..? We can change the .NET language! Erez Metula will expose the methods required to modify the Framework, and how to bypass its own protection mechanisms. We will see how it is possible to write rootkits for the framework, that will enable the attacker to install a reverse shell inside the framework, to steal valuable information, to fixate encryption keys, disable security checks and more. In addition, a new tool (".NET-Sploit") for building MSIL rootkits will be released that will enable the user to inject preloaded/custom payload to the Framework core DLL.

Agenda:

• Introduction .NET execution model & .NET reverse engineering
• Modifying the Framework core
• Function injection
• Installing backdoors and root kits
• Automating the process with .NET-Sploit
• Things to consider when injecting

Presentation abstract online by Erez: http://www.applicationsecurity.co.il/.NET-Framework-Rootkits.aspx

Erez Metula is a senior application security consultant, working as the application security department manager at 2BSecure. He has extensive hands-on experience performing security assessments, secure development consulting & training for clients in Israel and abroad such as banks, financial organizations, military, software development companies, telecom, and more. Erez is also a leading instructor for many information security training, especially on secure software development methodologies & techniques. He had lectured on advanced .NET security (and other development platforms) for worldwide organizations and is constant speaker for conferences such as Microsoft .NET Security User Group, OWASP (Open Web Application Security Project), and more. He holds a CISSP certification and is toward graduation of Msc in computer science.

REGISTRATION

Please send a mail to Belgium 'at' owasp.org if you plan to attend, so we can size the venue appropriately and keep you updated on last-minute changes.

Previous Chapter Meeting (Oct-23-2008) in Huizingen (near Brussels)

WHEN

Thursday, October 23rd, 2008 (18h00pm-21h00pm)

WHERE

Location was sponsored by RealDolmen

adres:
Industriezone Zenneveld
A. Vaucampslaan 42
1654 Huizingen
Google Maps Link

PROGRAM

The agenda:

• 18h00 - 18h30: Welcome & Refreshments
  
• 18h30 - 19h00: OWASP Update (by Sebastien Deleersnyder, OWASP Belgium)
  
• 19h00 - 20h00: Building a tool for Security consultants: A story of a customized source code scanner (by Dinis Cruz, OWASP)
  

Presentation + discussion:

Dinis Cruz Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development. Dinis is also Chief OWASP Evangelist!

• 20h00 - 21h00: Logging: not just a good idea (download) (by Eddy Vanlerberghe)
  

Presentation + discussion: During the design and implementation of applications, logging is often not considered to be a vital factor in the overall security, but merely one of the tools of the trade used by developers so that runtime errors can easily be traced to their root cause in the application source. As a result, lack of decent security logs usually becomes clear when they are needed the most: when an incident has occurred. Incidents where logging plays a crucial role could be disputes over whether or not a customer issued a certain transaction (non-repudiation), intruders have compromised bank accounts (forensic investigation) or even foil an ongoing attack when suspicious traffic is being registered (e.g. lock out IP addresses of suspected attackers) This presentation will handle different aspects of what constitutes secure application logging: what to log, when to log, access to log information etc.

Eddy Vanlerberghe has extensive experience as a developer. He has been involved in development of commercial Internet Web applications since 1996. In 1999 he joined the company Netvision, which was first renamed to Ubizen and even later the company became Cybertrust. In 2007 the company was acquired by VerizonBusiness. Mr. Vanlerberghe was part of the development teams for security related products like ETS Multisecure, EasyPayment and the web application level firewall DMZShield. Since 2005 he has been part of the Application Security team where he was involved in all aspects of application security.

Past Events

• Events held in 2008
• Events held in 2007
• Events held in 2006
• Events held in 2005