This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Ottawa

From OWASP
Revision as of 23:24, 4 September 2014 by Seanmw (talk | contribs) (Added September Event)

Jump to: navigation, search

OWASP Ottawa

Welcome to the Ottawa chapter homepage. The chapter's president is Sherif Koussa


Follow us on Twitter

<paypal>Ottawa</paypal>


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG



Thanks to Our 2014 Sponsor

2Keys_Security_Solutions.jpg



Your Local Chapter

Hi Ottawa, welcome to your local OWASP chapter! We are a place to come and meet local developers and information security professionals, share ideas, and learn. We try to hold a meeting at least once every two months in the downtown core. We provide a mix of infosec rockstar talks, hands on training sessions, and special interest discussion groups. We are always looking for new ideas for events so let us know if you have an idea. Email one of us: Sherif, Sean, Joel or tweet at us owasp_ottawa.

Hope to see you at a meeting soon.


Upcoming Events

Cloud Computing – Security and Interoperability Perspectives

Who

Steven Woodward, CEO, Cloud Perspectives

Steven Woodward is CEO and founder of Cloud Perspectives and is the leader of the NIST (National Institute of Standards for Technology) Cloud Carrier and Cloud Auditor Sub-Groups within the Cloud Computing Reference Architecture. He is a leading contributor to NIST, TM Forum, Object Management Group Cloud Standards Customer Council, Canadian Cloud Council, IEEE and the International Telecommunication Union (ITU) Joint Collaboration Activity working groups.

Steven represents the Canadian Advanced Technology Alliance at the Shared Services Canada Architecture Advisory Committee and is influencing the Canadian Federal Government Cloud Computing Strategy. Steven is also one of the founding directors at the Canadian Chapter of the Cloud Security Alliance (CSA). In addition to cloud standards and best practices guides, he authored the “Cloud Computing Solution Measurement” chapter in the 2012 CRC Press published book, “The IFPUG Guide to IT and Software Measurement.”

A frequent international instructor, keynote presenter and leader, he continues to help establish realistic roadmaps, plans, contracts, SLAs and governance practices for cloud computing. Recent and planned speaking engagements includes: National Science Foundation – Arlington Virginia, AFEI – Washington, ISMA - Rio de Janeiro, IEEE – Cyprus, Florida International University, Florida Atlantic University, itSMF – Ottawa, ISACA CACS – Las Vegas, TM Forum – Nice, BFPUG – Brasilia and OWASP in Ottawa and Los Angeles.

What

Many organizations are evaluating and migrating toward cloud computing solutions. In 2013, some the key challenges pertain to security and interoperability. Open cloud standards can help manage risks, while fostering efficient solution delivery.

Steven Woodward shares updates from numerous international cloud standards related organizations. In Canada, he leads several of the cloud computing initiatives in both the private and public sectors. This includes being one of the founding board members of the Cloud Security Alliance Canadian Chapter.

Steven describes key cloud ecosystems models; highlighting where security considerations fit, along with different perspectives on interoperability. Several real-life scenarios will be used, highlighting cloud concepts, security, interoperability and the impacts these can have on commitments (functionality, costs, time-to-value and quality). Service Agreements and Service Level Agreements will also be addressed to identify where you may find security and interoperability considerations specified in the contracts.

The presentation is designed to be interactive and will include some group activities to generate discussions and identify practical solutions.

Attendees of the presentation will leave with a better understanding of cloud security and interoperability considerations, plus be aware of reference material and models that help address those challenges.

Where

Microsoft Glacier Room 100 Queen Street, Suite 500 - World Exchange Plaza

Find the 100 Queen Street Building, Take the elevator to the 5th floor. Be there before 6:00 PM as the elevators stop working then.


When

Tuesday, September 23, 2014 from 5:30PM to 7:30PM


Registration

Register for free: here






We are always looking for ideas for upcoming meetings. If you have a speaker you would like to see, a tutorial you would like to participate in, or just some ideas for discussion topics let us know. We maintain a list of your ideas here. To add to the list you can edit it directly, send one of us an e-mail (Sherif, Sean), or tweet it at our Twitter account.

  • N00bs Night: Understanding and Exploiting the OWASP Top 10 (Top 10 discussion, live exploit demos, test lab to practice your skills)
  • Secure Code review
  • (ISC)2 CSSLP introduction
  • Metasploit introduction
  • Web Application Forensics
  • xPath Injection (SQL/CSS etc get lots of press but I’d like to hear more about this)
  • HTML5 - What's new for security specially for Offline Applications
  • Web 2.0 Security Evolution - How security challenges are changing with technology evolultion
  • ASP.NET MVC Security for WebForms Developers
  • Hack proofing your web application by using reverse engineering
  • Using Windows Communication Foundation (WCF) Securely in your applications