This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "BeNeLux OWASP Day 2010"

From OWASP
Jump to: navigation, search
m
(added CTF and speakers tab's, added speakers bios')
Line 148: Line 148:
 
..
 
..
 
|}
 
|}
 
+
==== Speakers  ====
 
+
{|
 +
|-
 +
|'''Eoin Keary (OWASP Board, E&Y)'''
 +
|-
 +
|Chapter Lead and founder of OWASP Ireland chapter. Co-Author,Co - Editor and team lead of the OWASP Testing Guide.
 +
Co-Author, Editor/team lead of the OWASP Code Review guide.
 +
|}
 +
{|
 +
|-
 +
|'''Sebastien Deleersnyder (OWASP Board, SAIT Zenitel)'''
 +
|-
 +
|bios
 +
|}
 +
{|
 +
|-
 +
|'''Radu State (University of Luxembourg)'''
 +
|-
 +
|bios
 +
|}
 +
{|
 +
|-
 +
|'''Nick  Nikiforakis (Katholieke Universiteit Leuven)'''
 +
|-
 +
|Nick Nikiforakis is a PhD student at the Katholieke Universiteit Leuven, in Belgium. He belongs to the DistriNet research group and specifically in the “Security & Languages” task-force. His current research interests are: low-level security for unsafe languages and web application security. <br>
 +
Nick holds a BSc in Computer Science and a MSc on Distributed Systems from the University of Crete in Greece. He worked for 3 years as a research assistant in the Distributed Computing Systems group at the Foundation of Research and Technology in Crete where he did research in network data visualization, authentication schemes using mobile devices and phishing countermeasures. In the past, Nick has presented his work in academic conferences as well as hacking conventions. His work can be found online at www.securitee.org.
 +
|}
 +
{|
 +
|-
 +
|'''Marco Balduzzi (Eurecom)'''
 +
|-
 +
|bios
 +
|}
 +
{|
 +
|-
 +
|'''Walter Belgers (Madison Gurkha) '''
 +
|-
 +
|Walter Belgers heeft Technische Informatica gestudeerd aan de Technische Universiteit Eindhoven met als extra vak o.a. Computercriminaliteit (Universiteit van Tilburg). Walter is in 1994 begonnen bij Philips C&P (tegenwoordig Atos Origin) als ontwikkelaar van wereldwijde firewall-diensten en de uitrol daarvan. Daarna heeft hij enkele jaren lesgegeven op het gebied van UNIX en Internet beveiliging bij AT Computing. In 2002 is hij toegetreden tot Madison Gurkha als partner. Naast zijn technische consultancy-activiteiten, houdt Walter zich bezig met het schrijven van artikelen en columns, het geven van lezingen en voorlichten van de pers. Walter is gecertificeerd security professional (CISSP) en security auditor (CISA).
 +
|}
 +
{|
 +
|-
 +
|'''Martin Knobloch (Sogeti Nederland B.V.) '''
 +
|-
 +
|Martin Knobloch is employed at Sogeti Netherlands as Senior Security Consultant. He is founder and thought leader of the Sogeti task force PaSS, Proactive Security Strategy, with an integral solution of information security within organisation, infrastructure and software. <br>
 +
At OWASP, Martin is board member of the OWASP Netherlands Chapter and member of the Global Education Committee.
 +
|}
 +
====  CTF  ====
 +
During both days, a '''C'''apture '''T'''he '''F'''lag challenge will be online and available!
 +
<br>
 +
<br>
 +
<br>
 
==== Registration  ====
 
==== Registration  ====
 
<center>
 
<center>
Line 174: Line 223:
 
The BeNeLux Day 2010 Program Committee:  
 
The BeNeLux Day 2010 Program Committee:  
  
*Martin Knobloch / Ferdinand Vroom([[Netherlands|OWASP Netherlands]])  
+
*Martin Knobloch / Ferdinand Vroom ([[Netherlands|OWASP Netherlands]])  
 
*Bart De Win / Sebastien Deleersnyder ([[Belgium|OWASP Belgium]])  
 
*Bart De Win / Sebastien Deleersnyder ([[Belgium|OWASP Belgium]])  
 
*Jocelyn Aubert / Andre Adelsbach ([[Luxembourg|OWASP Luxembourg]])
 
*Jocelyn Aubert / Andre Adelsbach ([[Luxembourg|OWASP Luxembourg]])
Line 195: Line 244:
 
[http://www.sogeti.nl http://www.owasp.org/images/3/31/Sogeti_Nederland_b_v_Logo.jpg]
 
[http://www.sogeti.nl http://www.owasp.org/images/3/31/Sogeti_Nederland_b_v_Logo.jpg]
  
<br><br> Supported by:<br>
+
<br><br> '''Supported by:'''<br>
 
[[File:Bnl10 Fontys.jpg|200px]]
 
[[File:Bnl10 Fontys.jpg|200px]]
  

Revision as of 11:04, 12 November 2010

OWASP BeNeLux 2010.png


Welcome


Confirmed Speakers:

Eoin Keary (OWASP Board, E&Y)
Sebastien Deleersnyder (OWASP Board, SAIT Zenitel)
Radu State (University of Luxembourg)
N Nikiforakis (Katholieke Universiteit Leuven)
Marco Balduzzi (Eurecom)
Walter Belgers (Madison Gurkha)
...

Download the conference flyer here.
All the presentations will be available for download in the agenda tab.




Training, December 1st

COURSE
OWASP Projects and Resources you can use TODAY!
Overview & Goal
 
  • Apart from OWASP's Top 10, most OWASP Projects are not widely used and understood. In most cases this is not due to lack of quality and usefulness of those Document & Tool projects, but due to a lack of understanding of where they fit in an Enterprise's security ecosystem or in the Web Application Development Life-cycle.
  • This course aims to change that by providing a selection of mature and enterprise ready projects together with practical examples of how to use them.
  • If you are interested in participating in the hands on portion of the course, please bring a laptop.

 

Date Venue & Directions
December 1, 2010 Fontys Hogescholen, Den Dolech 2, Traverse 3.43, Eindhoven, The Netherlands

How to get here:

Price & Registration
This Course is FREE for OWASP Members. Registration is mandatory.
If you are not an OWASP member as of yet please consider becoming one - $50/USD 12 month term for individual supporters.
Register Now OWASP Membership (sign now)


COURSE'S MODULES DETAILS
Time Module Trainer Presentation Overview & Goal
   11h00 (30m) Guided tour of OWASP Projects Tour of OWASP’s projects See details and Trainer's notes


   11h30 (45m) Threat Risk Modeling Martin Knobloch Threat Modelling – how to do it See details and Trainer's notes


   12h15 (15m) Coffee Break


   12h30 (45m) OWASP Testing Project Martin Knobloch Application Security using the Testing Guide See details and Trainer's notes


   13h30 (60m) Lunch


   14h30 (45m) [ ] Sebastien Deleersnyder [ OT10 Issues & Remedies] See details and Trainer's notes


   15h15 (45m) [ ] [ ] See details and Trainer's notes


   16h00 (15m) Coffee Break


   16h15 (30m) OWASP Software Assurance Maturity Model Sebastien Deleersnyder SAMM - PPT File See details and Trainer's notes


   17h00 (30m) [ ] Sebastien Deleersnyder [ Software Development Life Cycle] See details and Trainer's notes


Conference, December 2nd

Location - December 2nd, 2010
from - to Registration
from - to

Agenda:

  • Welcome and OWASP Update (by Eoin Keary, OWASP Board, E&Y and Seba Deleersnyder, OWASP Board, SAIT Zenitel)
  • Combined Web and VoIP attacks (by Radu State, University of Luxembourg)
  • Privacy of file sharing service (by N Nikiforakis, Katholieke Universiteit Leuven)
  • Clickjacking: an empirical study with an automated testing/detection system (by Marco Balduzzi, Eurecom)
Clickjacking recently received new media attentions: Thousands of Facebook users have fallen victims of a worm that uses clickjacking techniques to propagate.
In a clickjacking attack, a malicious page is constructed (or a benign page is hijacked) to trick the user into performing unintended clicks that are advantageous for the attacker, such as propagating a web worm, stealing confidential information or abusing of the user session.
However it is currently unclear to what extent clickjacking is being used by attackers in the wild and how significant the attack is for the security of Internet users.
In this talk, we presents a solution we designed for studying the prevalence of clickjacking on the Internet and for detecting possible malicious pages in an automated fashion. We deployed our system over 10 distinct virtual machines to test more then a million unique web-pages in two months. From the analysis of our experimental results we discuss the clickjacking phenomenon and its future implications.
  • tbd (by Walter Belgers, Madison Gurkha)

..

Speakers

Eoin Keary (OWASP Board, E&Y)
Chapter Lead and founder of OWASP Ireland chapter. Co-Author,Co - Editor and team lead of the OWASP Testing Guide.

Co-Author, Editor/team lead of the OWASP Code Review guide.

Sebastien Deleersnyder (OWASP Board, SAIT Zenitel)
bios
Radu State (University of Luxembourg)
bios
Nick Nikiforakis (Katholieke Universiteit Leuven)
Nick Nikiforakis is a PhD student at the Katholieke Universiteit Leuven, in Belgium. He belongs to the DistriNet research group and specifically in the “Security & Languages” task-force. His current research interests are: low-level security for unsafe languages and web application security.

Nick holds a BSc in Computer Science and a MSc on Distributed Systems from the University of Crete in Greece. He worked for 3 years as a research assistant in the Distributed Computing Systems group at the Foundation of Research and Technology in Crete where he did research in network data visualization, authentication schemes using mobile devices and phishing countermeasures. In the past, Nick has presented his work in academic conferences as well as hacking conventions. His work can be found online at www.securitee.org.

Marco Balduzzi (Eurecom)
bios
Walter Belgers (Madison Gurkha)
Walter Belgers heeft Technische Informatica gestudeerd aan de Technische Universiteit Eindhoven met als extra vak o.a. Computercriminaliteit (Universiteit van Tilburg). Walter is in 1994 begonnen bij Philips C&P (tegenwoordig Atos Origin) als ontwikkelaar van wereldwijde firewall-diensten en de uitrol daarvan. Daarna heeft hij enkele jaren lesgegeven op het gebied van UNIX en Internet beveiliging bij AT Computing. In 2002 is hij toegetreden tot Madison Gurkha als partner. Naast zijn technische consultancy-activiteiten, houdt Walter zich bezig met het schrijven van artikelen en columns, het geven van lezingen en voorlichten van de pers. Walter is gecertificeerd security professional (CISSP) en security auditor (CISA).
Martin Knobloch (Sogeti Nederland B.V.)
Martin Knobloch is employed at Sogeti Netherlands as Senior Security Consultant. He is founder and thought leader of the Sogeti task force PaSS, Proactive Security Strategy, with an integral solution of information security within organisation, infrastructure and software.

At OWASP, Martin is board member of the OWASP Netherlands Chapter and member of the Global Education Committee.

CTF

During both days, a Capture The Flag challenge will be online and available!


Registration

The training day and the conference are free! 


Buttoncreate.png


To support the OWASP organisation, consider to become a member, it's only US$50!
Check out the Membership page to find out more.


Venue

Eindhoven, The Netherlands (Den Dolech 2, Traverse 3.43)


Hotels nearby:

maps.google.nl/maps

Organisation

The BeNeLux Day 2010 Program Committee:

Sponsorship

Contact netherlands <at> owasp.org for sponsorship

<paypal>BeNeLux OWASP Day 2010</paypal>

Social Event

There will be a social conference evening at the eve of the first day, December 1st
Details to be posted soon!
Made possible by our sponsors:

Ascure_Logo.jpg        50px-F5_50px.jpg Zionsecurity.jpg Rad_logo.gif SAIT_Zenitel.jpg Sogeti_Nederland_b_v_Logo.jpg



Supported by:
Bnl10 Fontys.jpg