This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Aarhus"

From OWASP
Jump to: navigation, search
(Meetings in OWASP-DK in 2010)
 
(46 intermediate revisions by 10 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Denmark|extra=The chapter leader is [mailto:um@fortconsult.net Ulf Munkedal]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-denmark|emailarchives=http://lists.owasp.org/pipermail/owasp-denmark}}
+
The Aarhus local chapter aims to organize quarterly events to promote OWASP and information security in general.{{Chapter Template|chaptername=Aarhus|extra=The chapter leaders are [mailto:dennis.perto@owasp.org Dennis Perto] and [mailto:thomas.kristensen@owasp.org Thomas Ljungberg Kristensen]
 +
|meetupurl=https://www.meetup.com/OWASP-Aarhus-Chapter/|region=Europe}}
  
<paypal>Denmark</paypal>
+
Are you currently a member? Remember to support your local chapter by splitting your membership fee: 40% chapter / 60% OWASP Global!
  
== Editing OWASP pages ==
+
== Speaking at OWASP Aarhus Chapter Events ==
As discussed on our first meeting, www.owasp.dk now points to this site. However, when entering the site using this URL, you can't edit the page if you have configured your browser to not accept 3rd party cookies. Instead, enter the site using [http://www.owasp.org/index.php/Denmark this] link.
+
Call For Speakers is open - if you would like to present a talk at future OWASP Aarhus Chapter events - please review and agree with the [[Speaker Agreement|OWASP Speaker Agreement]] and send the proposed talk title, abstract and speaker bio to any of the Chapter Leaders via e-mail:
 +
dennis.perto (at) owasp.org
  
== Local News ==
+
thomas.kristensen (at) owasp.org
  
A general presentation of OWASP and the danish chapter, please open [https://docs.google.com/present/edit?id=0AemnFEYZb4AxZDM2a3B6N18zNmR3Y3N6ZmZ0&hl=da this].
+
== Upcoming meeting ==
 +
Please make the date available in your calendar. Date is confirmed, we will send invites when the agenda is set.
  
====Meetings in OWASP-DK in 2010====
+
=== WHEN ===
 +
November 27, 2019
  
We have decided to do things slightly different this year, and expand the team of organisers to include more people. One of the things we'll do is to make sure that every meeting is arranged by two people - one from the facilitating company and someone else. That someone else could be anyone. The only thing you have to do is to find out - along with the list - what should be arranged at the meeting and update the homepage and send out invites. Not really that much work.
+
=== WHERE ===
 +
Frichsvej 18
  
 +
8600 Silkeborg
  
We'll decide the location at the meetings from time to time.
+
[https://goo.gl/maps/QQkSUGH8kLhr1Vnr9 Google Maps]
  
Meetings in 2010 will be on the following dates and locations:
+
=== PROGRAM ===
 +
Pre agenda:
 +
* 15h00 - 17h00: Purple team workshop
 +
This workshop will enable attendees to build either a detection lab, or an command and control infrastructure.
  
 +
The agenda:
 +
* 17h00 - 17h15: Welcome and presentation of agenda
  
25/3 at PwC. Arranger: Rasmus Petersen and you!
+
* 17h15 - 17h30: Future of OWASP
 +
* 17h30 - 17h45: Tapas break
 +
* 17h45 - 18h15: The benefits of TIBER (Claus Vesthammer - Improsec)
 +
* 18h15 - 18h45: The road to purple teaming (Peter Aarhus - Ørsted)
 +
* 18h45 - 19h00: Coffee break
 +
* 19h00 - 19h30: Application security discoveries (Jonas Hansen - Danske Bank)
 +
* 19h30 - 20h30: Networking
  
 +
=== REGISTRATION ===
 +
Registration for the main [https://www.meetup.com/OWASP-Aarhus-Chapter/events/265954894/ OWASP Meeting].
  
17/6
+
Registration for the [https://www.meetup.com/OWASP-Aarhus-Chapter/events/266470344/ workshop pre meeting].
  
 +
Please follow us on [https://www.meetup.com/OWASP-Aarhus-Chapter/ MeetUp]
  
23/9
+
== Future meeting ==
 +
Please make the date available in your calendar. Date is confirmed, we will send invites when the agenda is set.
  
 +
=== WHEN ===
 +
February 27, 2020
  
9/12
+
=== WHERE ===
 +
TBD
  
 +
=== PROGRAM ===
 +
TBD
 +
== Previous meetings ==
  
Send out a mail to the list asap if you want to be a part of arranging meetings and raise your hand at the next meeting (at the right time).
+
'''Everyone is welcome to join us at our chapter meetings.'''
  
===Meeting in OWASP-DK 14/12 2009 at 17.00===
+
Please take in consideration that we usually have a finite number of seats.  
  
Der inviteres til årets sidste OWASP møde! Kom og vær med.
+
=== WHEN ===
 +
August 27, 2019
  
'''Tema:''' Ny OWASP Top10 release candidate 1 - hvad synes vi egentlig om den?
+
=== WHERE ===
 +
Nannasvej 7
  
'''Tidspunkt:''' Mandag 14. december 2009 kl. 17.
+
8000, Aarhus
  
'''Sted:''' Hos Deloitte, Weidekampsgade 6, 2300 København S. Spørg efter Klaus Agnoletti.
+
=== PROGRAM ===
 +
The agenda:
 +
* 17h00 - 17h15: Welcome and presentation of agenda and speakers
 +
* 17h15 - 17h45: One slide that inaccurately summarizes activity groups - so I can get people to do the IT controls they should have done years ago.. (Mitchell Impey  - SydEnergi/Norlys)
 +
** Presentaion: https://www.owasp.org/images/b/b0/ICS.pdf
  
'''Program:'''
+
* 17h45 - 18h00: Sandwich break
 +
* 18h00 - 19h00: Incident response for cheapz (David Thejl-Clayton - JN Data)
 +
** Presentation: https://www.owasp.org/images/f/ff/Incident_Response_for_Cheapz.pdf 
 +
* 19h00 - 19h15: Coffee break
 +
* 19h15 - 20h00: Incident Detection & Response game
  
17.00 : Velkommen til. Mingle og netværk.
+
== Supporters ==
 +
A special thank you for all of our supporters!
  
17.30 : Kort gennemgang af OWASP Top 10 2010 rc1 med fokus på det der er nyt (Ulf Munkedal).
+
=== Academic ===
 +
[https://www.eaaa.dk Erhvervsakademi Aarhus]
  
18.15 : Benstræk og kort spisepause.
+
[[File:Erhvervsakademi_Aarhus.png|border|frameless]]
 
+
[[Category:OWASP Chapter]]
18.30 : Diskussion (fælles feedback sendes ind til Owasp arbejdsgruppen), fx: (Moderator: Ulf Munkedal. Vi skal have mindst en referent til at skrive et engelsk referat da vi kun har indtil udgangen af december til at indsende vores kommentarer)
 
 
 
- Er det de rigtige risici, der står på listen? Er det det her, som vi ser hos kunder/i virksomheder?
 
 
 
- Er listen i rigtig rækkefølge? Læg mærke til, at den nu er risikobaseret.
 
 
 
- Er listen formuleret så man kan forstå den? Fungerer den for pentestere og PCI-auditors? Forstår ikke-konsulenter den?
 
 
 
- Hvordan vil vi gå ud med listen i OWASP Danmark? Listen i sig selv gør jo ikke nogen glade. Hvordan bruger vi den til at gøre verden lidt bedre?
 
 
 
- Skal vi oversætte den til dansk når den er endeligt klar? (fx to personer pr. punkt).
 
 
 
20.00 : Andet? Fx:
 
 
 
- Et kig frem mod 2010 (fx konferencen i Stockholm i Juni)
 
 
 
- Den nye TLS sårbarhed (som jeg kan forstå ikke blev drøftet på sidste Owasp møde?)
 
 
 
20.30 : Julehygge! Rygterne vil vide, at Klaus/Deloitte disker op med lidt godter. :)
 
 
 
'''Vil du hjælpe?'''
 
Vi skal finde mindst en "frivillig", der kan skrive et kort engelsk referat af vores feedback, som vi kan sende til Top 10 projekt gruppen.
 
 
 
'''Tilmelding'''
 
Send en mail senest 10. december til Louise på [email protected] (men gerne med det samme).
 
 
 
'''Links (godt til forberedelse inden mødet):'''
 
 
 
http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
 
 
 
Og Dave's presentation fra DC:
 
 
 
http://www.owasp.org/images/a/a1/AppSec_DC_2009_-_OWASP_Top_10_-_2010_rc1.pptx
 
 
 
Vel mødt!
 
 
 
--[[User:Ulf Munkedal|Ulf Munkedal]] 22:19, 2 December 2009 (UTC)
 
 
 
 
 
====Presentations from previous OWASP meetings====
 
 
 
=====11/11 2009=====
 
 
 
[http://www.owasp.org/images/d/de/Surveillance_and_logging_based_on_Amazon.pdf Søren Maigaards presentation on surveillance and logging based on Amazon]
 
 
 
[http://www.owasp.org/images/c/c7/Cloud_Computing_in_Copenhagen_municipality.ppt Simon Kaastrup-Olesen and Kasper Pedersens presentation on Cloud Computing in Copenhagen municipality]
 
 
 
=====19/8 2009=====
 
 
 
[https://docs.google.com/present/edit?id=0AemnFEYZb4AxZDM2a3B6N18yNTN6bjY3OGRx&hl=da Klaus Agnolettis presentation on introduction to Cloud Computing]
 
 
 
[http://www.owasp.org/images/4/45/Ctf1-ejepsen.zip Erling Jepsens OWASP-DK CTF #1 winner entry]
 
 
 
=====13/5 2009=====
 
 
 
[http://www.owasp.org/images/3/3e/FlashSecurity.pdf Mihai Corlans presentation on Flash Security]
 
 
 
[http://www.owasp.org/images/8/8e/Hotm2.pdf Rasmus Petersens presentation on Hack of the Month - opgave 2]
 
 
 
[http://www.owasp.org/images/7/78/Owasp_dk_ctf1.pdf Joe and Rasmus Petersens presentation on Introduction to OWASP-DK CTF #1]
 
 
 
=====24/2 2009=====
 
 
 
[http://www.owasp.org/images/a/ac/SilverlightSecurity.pdf Rene Løhdes slides on Silverlight security]
 
 
 
[http://www.owasp.org/images/b/b9/JavaFX.pdf Thorbiörn Fritzons slides on JavaFX security]
 
 
 
=====3/12 2008=====
 
 
 
[https://www.owasp.org/images/0/0e/Webscarab-intro-screen.pdf Henrik Kramshøjs presentation on using Webscarab]
 
 
 
[https://www.owasp.org/images/5/58/Testing_Flash_Applications.pdf Martin Clausens presentation on Flash security]
 
 
 
[https://www.owasp.org/images/5/59/NemLog-in.pdf Thomas Gundels presentation on Nem Login]
 
 
 
== Older news ==
 
===Meeting in OWASP-DK 11/11 2009 at 17.30===
 
 
 
17:30 Welcome - and OWASP basics by Klaus Agnoletti, Deloitte.
 
 
 
17:35 Overvågning og logning i Cloud Computing by eSec
 
 
 
18:05 Overvågning og logning i Cloud Computing based on Amazon by Inspekt Security
 
 
 
18:35 Break
 
 
 
19:00 Cloud Computing i Københavns Kommune by Simon Kaastrup-Olesen and Kasper Pedersen, Københavns Kommune
 
 
 
19:30 Awareness virker ikke by Carsten Jørgensen, Devoteam
 
 
 
19:45 PwC: Awareness
 
 
 
20:30 What is a web application firewall? (WAF) - including demonstration by Jacob Gercke and Srebrenko Sehic, Armorlogic
 
 
 
21.00 Let's hit a bar
 
 
 
 
 
The meeting will be held at DKUUG, Symbion, Fruebjergvej 3, København Ø.
 
 
 
In order for DKUUG to know how many people will attend the meeting, you need to register at [email protected] no later than 10/11 2009.
 
 
 
DKUUG will serve sandwiches, coffee, tea and water.
 
 
 
 
 
===Meeting in OWASP-DK 19/8 2009 at 17.30===
 
 
 
 
 
 
 
The Agenda for the meeting is:
 
 
 
17.30 Welcome - and OWASP basics by Klaus Agnoletti, Deloitte.
 
 
 
17.45 Presentation: Cloud Computing Basics by Klaus Agnoletti, Deloitte
 
 
 
18.15 Break
 
 
 
18.45 Presentation: The future of Cloud computing by Carsten Jørgensen, Devoteam
 
 
 
19.15 Presentation: Salesforce.com and security by Salesforce.com.
 
 
 
20.15 Break
 
 
 
20.30 OWASP-DK CTF #1 by Joe and Rasmus Petersen
 
 
 
20.55 Next Meeting and Wrap-up.
 
 
 
21.00 Let's hit a bar!
 
 
 
 
 
 
 
During the meeting we’ll arrange sandwiches, coffee, fruit etc.
 
 
 
The address is:
 
 
 
Deloitte
 
 
 
Weidekampsgade 6
 
 
 
2300 København S
 
 
 
===Meeting in OWASP-DK 13/5 2009 at 17.30===
 
 
 
The agenda for the meeting is:
 
 
 
 
 
 
 
17.30 Welcome by Rasmus Petersen
 
 
 
17.45 Presentation: Flash security by Mihai Corlan from Adobe
 
 
 
18.30 Break
 
 
 
18.40 Presentation: Facebook API by Martin Clausen
 
 
 
19.10 Break
 
 
 
19.20 Presentation: Hack of the Month - opgave 2 by Rasmus Petersen
 
 
 
19.50 Break
 
 
 
20.00 Presentation: Introduction to OWASP-DK CTF #1 by Joe og Rasmus Petersen
 
 
 
20.30 Evaluation and discussion regarding the next meeting
 
 
 
 
 
 
 
If you want to join the meeting, please send a mail to Rasmus at [email protected].
 
 
 
 
 
 
 
During the meeting we’ll arrange sandwiches, coffee, fruit etc.
 
 
 
 
 
 
 
The address is:
 
 
 
PricewaterhouseCoopers
 
 
 
Strandvejen 44
 
 
 
2900 Hellerup
 
 
 
===Meeting in OWASP-DK 24/2 2009 at 17.30===
 
This will be a meeting where we talk about Rich Internet Application (RIA) technologies. We have arranged a talk from both Microsoft and Sun.
 
Not surprisingly, the talks will be focused on the security side of the technologies.
 
 
 
Lined up for you we have :
 
 
 
* René Løhde from Microsoft who'll talk about Silverlight. Here is a short description from René in danish :
 
"Silverlight Security model
 
I .Net er Code Access Security alfa og omega for sikkerhed. I Silverlight og CoreCLR er transparency den vigtigste del af sikkerhedsmodellen og derfor er det vigtigt at vide hvilke restriktioner transparent code er underlagt. I denne session kigges på CoreCLR og de sikkerhedrelaterede aspekter af RIA applikationer med Silverlight. Der kigges blandt andet på Silverlight applikationer under full trust og Silverlight sandbox.”
 
 
 
 
 
* Thorbiörn Fritzon from Sun who'll talk to us about JavaFX. Here is an abstract from Thorbiörn on his talk:
 
"JavaFX and the power of Java. This talk gives an overview of JavaFX, the new Rich Internet Application (RIA) environment for the Java™ platform and the capabilities that it can harness due to the fact that it runs on the complete Java™ platform. The talk will be an introduction to JavaFX and related technologies with a special focus on what Rich Internet Applications require from a security standpoint."
 
 
 
René and Thorbiörn will both talk for about an hour. After the talks we'll have an open discussion about RIA technologies and security in general.
 
 
 
This also means that we'll change the program so that there won't be time for any shorts talks about interesting projects this time around due to the fantastic chance that Sun and MS has given us by showing up and talking to us.
 
 
 
If you want to join the meeting, please send a mail to Louise at [email protected].
 
 
 
During the meeting we’ll arrange sandwiches, coffee, fruit etc.
 
 
 
The address is:
 
 
 
Deloitte
 
 
 
Weidekampsgade 6
 
 
 
2300 København S
 
 
 
 
 
It's possible to park in the basement of the Deloitte building. Just drive down the ramp and press the button to talk to our reception.
 
 
 
=== Medlemsmøde i OWASP-DK - kl 17.30, 3. december 2008 ===
 
 
 
==== Dagsorden ====
 
 
 
===== Del I - Velkomst og oplæg =====
 
17.30                  Velkomst v. Klaus Agnoletti
 
 
 
17.40                Oplæg - Webscarab intro v. Henrik Kramshøj
 
 
 
18.05                Oplæg - Hacking flash med Webscarab v. Martin Clausen
 
 
 
18.30                Oplæg - Nem Login v. Thomas Gundel
 
 
 
18.55                Oplæg - Web Application Attack and Audit Framework v. Robert Larsen
 
 
 
19.20 Pause og sandwiches
 
 
 
===== Del II - OWASP =====
 
 
 
19.30                Intro til den globale OWASP forening v. Niels Bach
 
 
 
19.40                Præsentation af DK Chapter nu og i fremtiden v. Ulf Munkedal
 
 
 
20.00                Evaluering og aftale om næste mødeaktivitet
 
 
 
Vi forventer at mødet slutter senest 20.30.
 
 
 
 
 
Adresse:
 
 
 
Deloitte
 
 
 
Weidekampsgade 6
 
 
 
2300 København S
 

Latest revision as of 12:19, 25 November 2019

The Aarhus local chapter aims to organize quarterly events to promote OWASP and information security in general.

OWASP Aarhus

Welcome to the Aarhus chapter homepage. The chapter leaders are Dennis Perto and Thomas Ljungberg Kristensen

Upcoming Events

Meetup_logo3.jpg Aarhus Schedule of Events

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Are you currently a member? Remember to support your local chapter by splitting your membership fee: 40% chapter / 60% OWASP Global!

Speaking at OWASP Aarhus Chapter Events

Call For Speakers is open - if you would like to present a talk at future OWASP Aarhus Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to any of the Chapter Leaders via e-mail:

dennis.perto (at) owasp.org
thomas.kristensen (at) owasp.org

Upcoming meeting

Please make the date available in your calendar. Date is confirmed, we will send invites when the agenda is set.

WHEN

November 27, 2019

WHERE

Frichsvej 18

8600 Silkeborg

Google Maps

PROGRAM

Pre agenda:

  • 15h00 - 17h00: Purple team workshop

This workshop will enable attendees to build either a detection lab, or an command and control infrastructure.

The agenda:

  • 17h00 - 17h15: Welcome and presentation of agenda
  • 17h15 - 17h30: Future of OWASP
  • 17h30 - 17h45: Tapas break
  • 17h45 - 18h15: The benefits of TIBER (Claus Vesthammer - Improsec)
  • 18h15 - 18h45: The road to purple teaming (Peter Aarhus - Ørsted)
  • 18h45 - 19h00: Coffee break
  • 19h00 - 19h30: Application security discoveries (Jonas Hansen - Danske Bank)
  • 19h30 - 20h30: Networking

REGISTRATION

Registration for the main OWASP Meeting.

Registration for the workshop pre meeting.

Please follow us on MeetUp

Future meeting

Please make the date available in your calendar. Date is confirmed, we will send invites when the agenda is set.

WHEN

February 27, 2020

WHERE

TBD

PROGRAM

TBD

Previous meetings

Everyone is welcome to join us at our chapter meetings.

Please take in consideration that we usually have a finite number of seats.

WHEN

August 27, 2019

WHERE

Nannasvej 7

8000, Aarhus

PROGRAM

The agenda:

  • 17h00 - 17h15: Welcome and presentation of agenda and speakers
  • 17h15 - 17h45: One slide that inaccurately summarizes activity groups - so I can get people to do the IT controls they should have done years ago.. (Mitchell Impey  - SydEnergi/Norlys)

Supporters

A special thank you for all of our supporters!

Academic

Erhvervsakademi Aarhus

Erhvervsakademi Aarhus.png