This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Netherlands"

From OWASP
Jump to: navigation, search
Line 100: Line 100:
 
== '''Meeting Minutes'''  ==
 
== '''Meeting Minutes'''  ==
  
=== Meeting minutes September 24th 2009 ===
+
=== Meeting minutes March 11th 2010: Database Security<br>  ===
 +
----
 +
=== Meeting minutes May 20th 2010: Web Application Firewalls<br>  ===
 +
----
 +
=== Meeting minutes September 23rd 2010: TBD<br>  ===
 +
----
 +
=== Meeting minutes November 18th 2010: TBD<br>  ===
  
At September 24th 2009, the Dutch OWASP chapter met in Eindhoven. The sponsor of the evening was Madison Gurkha. The subject of the evening was Unautorized Access. There were 4 speakers and 21 attendees.<br/>
 
<br/>
 
After a short welcome talk by Ferdinand Vroom from OWASP, Madison Gurkha gave a small introduction to the company. Madison Gurkha is a small firm that focuses on the prevention, identification, and prevention of technical IT security problems throughout organizations. As such their scope reaches beyond that of web application testing up to the level of physical security. In practice they often see the OWASP top 10 vulnerabilities and use OWASP tools in their assessments, hence their interest in the OWASP.<br>
 
<br>
 
'''First presentation:''' Unauthorized Access  by Wil Allsopp. <br/>
 
Wil Allsopp performs Physical Penetration Tests at Madison Gurkha and recently wrote a book about the subject: Unauthorised Access: Physical Penetration Testing For IT Security Teams [http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security/dp/0470747617].<br/>
 
Physical Security is all hacking your way into physical locations, like buildings, by using a combination of reconnaissance, social engineering, and technical skills. Like all forms of testing these assessments can only be successful when performed in a structured manner. The first phase is the preparation phase in which the target is studied and a team with a balance of several expertises is selected. Obviously the legal consequences and risks for bodily harm can be more severe in conducting a physical security test. Therefore a careful preparation also includes covering these risks and defining solid boundary conditions. <br/>
 
In the second phase the actual test is done meaning that the team will try to enter a facility according to a well prepared plan. Since physical security deals with real people and other unpredictable circumstances, this phase heavily relies on social engineering skills and being creative. Test can be conducted in three modes of operation: overt (use the system as much as possible), covert (minimize contact), and unseen (apply stealth). The last phase is off course the reporting phase.<br/>
 
Wil clearly showed in his presentation that testing for physical security introduces whole new dimensions of interaction to take into account, but is in fact no different in approach than other forms of testing.<br/>
 
<br/>
 
'''Second presentation:''' Mini Meetings Results by Barry van Kampen en Dave van Stein. <br/>
 
As mentioned in the meeting minutes of May 28th 2009 [http://www.owasp.org/index.php/Netherlands#Meeting_minutes_May_28th_2009] the Dutch OWASP chapter decided to schedule mini-meetings. These meetings will facilitate an open discussion about a single topic of interest. Although only 1 of the 3 planned meetings actually took place, the results of this meeting were above expectations. The topic of this mini-meeting was "Quick-scans and other time-boxed test approaches". The conclusions were that these time-boxed test approaches are capable of quickly uncovering fundamental problems even while the scope is limited. Plans are to have a second meeting and maybe even start an OWASP project on the topic. <br/>
 
Since mini-meets are planned for and by the community, everybody is invited to check the mini-meet Wiki [http://www.owasp.org/index.php/Netherlands_Mini_Meeting_2009] and propose topics, dates or locations.<br/>
 
<br/>
 
'''Third presentation:''' OWASP Education Project by Martin Knobloch. <br/>
 
The awareness that application security is essential in the development and deployment of every web application is increasing, but it is often still applied as an end-of-pipe solution. The OWASP Education Project [http://www.owasp.org/index.php?title=Category:OWASP_Education_Project] tries to remediate this problem by delivering education material about OWASP tooling, methodologies, and principles. The project continuously creates educational & documentation papers, screen scrape video courses and learning environments and courses. By providing these materials to the community the OWASP body of knowledge can be spread in a controlled manner and deliver high quality training, both inside and outside of the OWASP community.<br/>
 
To improve the quality and progress of this project, contributors are needed on all areas. Therefore everybody is encouraged to take a look at the project Wiki and invited to help make the (virtual) world a better and safer place!<br/>
 
<br/>
 
 
----
 
----
  
  
 
== Scheduled OWASP NL Chapter Meetings:  ==
 
== Scheduled OWASP NL Chapter Meetings:  ==
 
=== Meeting Schedule December 2nd 2009: BeNeLux OWASP Day 2009<br>  ===
 
 
Follow this link for more information: [[BeNeLux OWASP Day 2009]]
 
 
[[Image:BeNeLux Day 2009 poster v1.png|200px]]
 
 
----
 
  
 
=== Meeting Schedule March 11th 2010: Database Security<br>  ===
 
=== Meeting Schedule March 11th 2010: Database Security<br>  ===
  
 
'''Summary:''' Details will be online shortly<br>  
 
'''Summary:''' Details will be online shortly<br>  
 +
----
  
 +
=== Meeting Schedule May 20th 2010: Web Application Firewalls<br>  ===
 +
----
 +
=== Meeting Schedule September 23rd 2010: TBD<br>  ===
 +
----
 +
=== Meeting Schedule November 18th 2010: TBD<br>  ===
 
----
 
----
  

Revision as of 22:31, 11 January 2010

OWASP Netherlands

Welcome to the Netherlands chapter homepage. The chapter leader is Bert Koelewijn <paypal>Netherlands</paypal>


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


OWASP NL Chapter Meetings Schedule 2010

This is an overview of the 2010 local chapter meeting schedule. Details of the meetings can be found in the announcements that will be posted below this schedule. 


March 11th
----------
Time         : 18.00 - 21.30
Main Topic   : Database Security
Presentations: Details will be posted shortly
Location     : 
Sponsor      : 


May 20th
----------
Time         : 18.00 - 21.30
Main Topic   : Web Application Firewalls
Presentations: 
Location     : 
Sponsor      : 


September 23rd
----------
Time         : 18.00 - 21.30
Main Topic   : TBD
Presentations: TBD
Location     : TBD
Sponsor      : TBD


November 18th
----------
Time         : 18.00 - 21.30
Main Topic   : TBD
Presentations: TBD
Location     : TBD
Sponsor      : TBD


Call for Speakers

We are continuously looking for speakers and presentations make the chapter meetings as interesting as possible. Therefore we are looking inside and outside OWASP for known international specialists. But we know, there is a lot interesting stuf happening inside the Netherlands, too!
Presentations: Are you working on interesting subject, you would like to share your experiences with the OWASP community. Any topic related to application security will be appreciated!
VAC, Vulnerability, Attack, Countermeasure: The goal is an half hour in-depth technical presentation about a vulnerability, how it can be exploited and how to prevent it!

Links:

Speaker Agreement

Template

Sponsorship of a local chapter meeting

We are continuously looking for locations to hold local chapter meetings. Therefore, we need companies willing to sponsor of host events.
Hosting a local chapter meeting: To host a local chapter meeting, you facilitate the meeting location and beverage for the attendees
Sponsorship of a local chapter meeting: You cover the cost of renting the location for the meeting and the payment of the beverages for the attendees
Please let us know via the OWASP chapter meeting questionnaire of via email to [email protected]

OWASP NL Cafe

NEW: Monthly informal platform to speak about (Web) application security matters! No registration required, just drop by!

  • no programm
  • no agenda
  • whatever comes up!

Next OWASP Cafe:

Open and free event, just drop in and discuse what's on your mind about application security! 

When: TBD
Where: TBD

The flyer: OWASP NL Cafe oct09.jpg


Registration
If you want to attend, please send an email to: [email protected]

All OWASP chapter meetings are free of charge and you don't have to be an OWASP member to attend. There are never any vendor pitches or sales presentations at OWASP meetings.

NOTE TO CISSP's: OWASP Meetings count towards CPE Credits.


OWASP NL Mini-Meetings

NEW: Platform to discus on specific issues related to (Web) Application Security. The topic's are brought in by the OWASP NL community!
Something on your mind to discus, put your idea online at: Mini Meetings Netherlands_Mini_Meeting_2009 To attend the meeting, send an email to the contact's email address!

Next Mini-Meeting:

Topic        : SAMM, ASVS and other methodologies
Contact      : Martin Knobloch, [email protected]
----------
Date         : November 19th 2009
Time         : 18:00 (dinner provided) to 21:30 
Location     : Sogeti Nederland B.V.
               Plotterweg 31-33
               3821 BB Amersfoort
Details      : About ideas and experiences of using, implementing and verifying the different methodologies
Attendees    : Max 12 persons, currently 3,  9available

Meeting Minutes

Meeting minutes March 11th 2010: Database Security

Meeting minutes May 20th 2010: Web Application Firewalls

Meeting minutes September 23rd 2010: TBD

Meeting minutes November 18th 2010: TBD


Scheduled OWASP NL Chapter Meetings:

Meeting Schedule March 11th 2010: Database Security

Summary: Details will be online shortly

Meeting Schedule May 20th 2010: Web Application Firewalls

Meeting Schedule September 23rd 2010: TBD

Meeting Schedule November 18th 2010: TBD


Past Events

Retrieved from "https://wiki.owasp.org/index.php?title=Netherlands&oldid=76048"