This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Guadalajara
OWASP Guadalajara
Welcome to the Guadalajara chapter homepage. The chapter leaders are Manuel Lopez and Eduardo Cerna.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Local News
General Information of OWASP Membership and benefits as well as the Local Chapter offer is here: Media:OWASP_Guadalajara_InfoGral.pptx
Flyer: Media:Membership Flyer Template_Guadalajara.pptx
Meeting Location
Everyone is welcome to join us at our chapter meetings.
OWASP Guadalajara Newsletter
OWASP Guadalajara Monthly Newsletter - Jul2012
Media:OWASP_Guadalajara_NEWSLETTER_JUL_2012.pdf
OWASP Guadalajara Monthly Newsletter - May2012
Media:OWASP_Guadalajara_NEWSLETTER_MAY_2012.pdf
OWASP Guadalajara Monthly Newsletter - April 2012
Please find the Monthly Bulleting of the OWASP Guadalajara. Please send us your comments and suggestions.
Media:OWASP_Guadalajara_NEWSLETTER_APRIL_2012.pdf
OWASP Guadalajara Webinar Series
TOPIC: Secure Software Development for .NET developers with AppSensor and ESAPI
DESCRIPTION: One hour hands-on training to learn how to implement AppSensor and ESAPI using .NET to secure web applications according to the OWASP Top Ten 2013.
SPEAKER: Dinis Cruz
WHEN: TBD
WHERE: GoToMeeting - Details to be sent in advance
Conferences, Meetings and Workshops
GuadalajaraCON 2013
Location: Centro Universitario de Ciencias Exactas e Ingenierias, Guadalajara Jalisco, Mexico
Meeting Schedule: April 19th, 2013
OWASP Guadalajara - 4th Chapter Meeting 2012
Location: Intel Guadalajara
GoTo Meeting: 1. Please join my meeting. https://www3.gotomeeting.com/join/169468398
2. Use your microphone and speakers (VoIP) - a headset is recommended. Or, call in using your telephone. Mexico (toll-free): 01 800 925 0372
Access Code: 169-468-398
Audio PIN: Shown after joining the meeting
Meeting ID: 169-468-398
Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.
Meeting Schedule: Tuesday, December 4th, 2012. From 18:00 to 19:30.
Agenda
OWASP Updates
Manuel Lopez and Eduardo Cerna - OWASP Guadalajara
How to secure .NET Web Applications
Raul Villavicencio Hoyos—Sr Analyst - Apps Prog .NET—Bank of America
Objective: Present to IT Developers the .NET Framework built in features to protect .NET Web Applications and take advantage of them to avoid the most common attacks,
BIO: Raul Villavicencio is a Developer/hands on Software Development Life Cycle based in Guadalajara Jalisco. His career span over 6 years including BA Continnum Mexico, Softtek, Jatco Mexico, Nissan Mexicana, Intramart and as Independent Consultant, Education includes Bachelor in Computational Systems Engineering from Universidad Autonoma de Aguascalientes, Microsoft Technology Specialist/Microsoft Professional Developer on ASP.NET 3.5.
PenTest con Herramientas Open Source
Santiago Monterrosas—Security Engineer at MCM Telecom
Duramte Julio-Septiembre del presente año se realizo un proyecto de pentesting para un firma de viajes que opera en México y algunos países extranjeros principalmente EU y Europa, la firma se dedica al turismo y vende reservaciones de hotel, avión, transportación, a personas y grupos, vía Internet. Para realizar los hallazgos en esta fase se acudio a herramientas tradicionales de hacking y para realizar ataques a los objetivos con direcciones IP Públicas se utilizo principalmente backtrack 5. En los ataques se utilzarón dos enfoques, uno basado en la métodología propuesta por Stutard Dafydd y Pinto, Marcus y otro en el enfoque de aplicar tantas herramientas como hallazgos se realicen pero siguiendo el top 10 de OWASP.
Festival de Software Libre 2012
Location: Hotel Holiday Inn, Puerto Vallarta, Jalisco, Mexico
Meeting Schedule: November 1st to November 3rd
OWASP Guadalajara - 3rd Chapter Meeting 2012
Location: Tata Consultancy Services Guadalajara: Auditorium TCS - 2nd. Floor. Av . Camino al Iteso # 8900 int C3 Colonia Pinar de la Calma Tlaquepaque, Jalisco México
Meeting Schedule: Monday September 17th at 17:00-19:30hrs
Material Reviewed
Media:Web_Application_Security_with_OWASP.pptx
Pictures of the Event
Software Guru Conference and Expo
Location: Centro de Convenciones Los Candiles Polanco, Mexico City
Meeting Schedule: Thursday, June 21st, 2012. From 9:00 to 10:00.
Overview
OWASP Guadalajara was invited by Software Guru magazine to participate in one of the most important events for developers in Mexico "Software Guru Conference and Expo 2012". We participated by presenting the topic "OWASP Top 10 Web Application Vulnerabilities". It was a great opportunity to meet with developers and professionals from the IT industry in Mexico but most important, to continue spreading the OWASP word and objective among developers, making them aware about the main risks and vulnerabilities that can be found on web applications as well as the main countermeasures that can prevent those vulnerabilities of being presented on their Web Apps.
We also had the opportunity to talk about the ESAPI and AppSensor OWASP projects and the benefits to implement them; moreover, we discussed about the various OWASP cheat sheets and OWASP Development guides. The audience was very interested and the time was not enough to continue talking about these topics. At the end, they were satissfied with the information provided and the links where they can find all resources needed to build secure applications. The raing of our speech was rated with 4.25/5; being 5 the highest grade!
We are looking forward to continue working with Software Guru!
Material Reviewed
Media:OWASP_Top_10_-_2010_Presentation_SGC.pptx
Pictures of the Event
OWASP Guadalajara - 2nd Chapter Meeting 2012
Location: Intel Guadalajara
Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.
Meeting Schedule: Wednesday, June 20th, 2012. From 18:30 to 20:00.
Speakers Background
Jaime Olmos de la Cruz—IPv6 Task Force Mexico IPv6 Task Force Mexico is by definition a National community integrated by engineers, network designers, operators, ISPs, investigators, students and volunteers motivated to archive a common goal, the development and deploy of networks aware of IPv6 protocol.
Somen Das— Cross-Site Request Forgery Application Security Analyst for Tata Consultancy Services Ltd. Specialized in Static & Dynamic application vulnerability assessment techniques, main focus is spreading awareness on secure application development and related guidelines across industry verticals. Local Chapter Leader - OWASP Bhubaneswar (India).
Eduardo Cerna Meza— Developing Secure Source Code (First Part) Information Security Engineer at Bank of America. Eduardo has over 15 years of experience in IT Management, Network Security and Operations. Core knowledge and skill areas include: Application Security, Vulnerability scanning, Intrusion Detection and Penetration Testing. (Black-Box, Grey-Box, White-Box).
Agenda
Media:OWASP_Guadalajara_Chapter_Meeting_June_20_2012.pdf
Material Reviewed
Media:OWASP Guadalajara_Jun20th_2012.pdf
Pictures of the Event
OWASP Guadalajara - Workshop at the DIVEC FEST 2012
Location: Faculty of Engineering of the University of Guadalajara
Address: Av. Revolución #1500 entre calle Corregidora y Calzada Olímpica. Tlaquepaque, Jalisco.
Meeting Schedule: Tuesday, March 20th, 2012. From 16:00 to 19:00.
Topic: OWASP - Application Security
Description: We will review two of the most common Web Application Attacks and Countermeasures for SQL Injection and Cross-Site Scripting (XSS) by using PAROS and WebGoat.
It was a great experience sharing this time with the students from the Faculty of Engineering of "Universidad de Guadalajara". We had the opportunity to teach the main concepts of SQL injection and Cross-Site Scripting. In addition, they had the chance to practice these concepts by using WebGoat and Paros in conjuction with the OWASP Cheat Sheets.
They showed interest at all time and we had a successfull session. All of them were really excited to know new techniques on Application Security. Be aware of our next event that will be held on April. We will keep you posted!
Here we have some pictures of the event.
Material Reviewed During the Session
Media:OWASP_Guadalajara_2012.pdf
OWASP Guadalajara - 1st Chapter Meeting 2012
Location: American Society of Jalisco
Address: Avenida San Francisco 3332, Col Chapalita, Guadalajara, Jalisco.
Meeting Schedule: Friday, March 2nd, 2012. From 19:30 to 21:00.
Topic: Anatomy of the Most Recent atacks from Anonymous and Contermeasures.
Description: Studying and anlyzing the most recent atacks performed by Anonymous. Theorical and practical session to identify risks and potential countermeasures on Web Applications.
Agenda
Media:OWASP Guadalajara Chapter Meeting - Mar 2nd 2012.pdf
Material Reviewed During the Session
As mentioned during the meeting, we will encourage you to bring your laptops in order to give each of you the opportunity to perform and to practice the excercises as well as to clarify all technical questions you may have.