This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Belfast"

From OWASP
Jump to: navigation, search
Line 40: Line 40:
 
== Local News ==
 
== Local News ==
  
'''OWASP Belfast Chapter Session - Wednesday November 25th'''
+
'''OWASP Belfast Chapter Session - Monday March 14th'''
  
'''Hands on Hacking with OWASP Security Shepherd'''
+
7:00 PM Queens Ashby Building
 +
Stranmillis Rd, Belfast BT9 5AG, Belfast
  
OWASP Belfast's November session will be a presentation and hands on hacking experience with the OWASP Security Shepherd team. 
+
Register at http://www.meetup.com/OWASP-Belfast/events/228894486/
  
We are excited to have Mark and Paul, the creators of Security Shepherd, joining us for the night to talk us through the web site hacking tool that educates the user while allowing them to hack their specialized site.
+
OWASP Belfasts' March session has two great talks planned, along with the usual pizza and beers (kindly sponsored by Vertical Structure).
  
We will be meeting in the large lecture theatre in Queen's Ashby Building for the night.  Participants should bring their laptops along as Mark and Paul talk us through the Security Shepherd tool and allow us to hack our way through it.  No previous experience of hacking web sites is required (in fact the tool starts the user from basic hacks up to the most advanced).
+
'''Top 10 WebHacks of 2015'''
  
Participants without laptops can still attend and learn about the tool and hacking techniques involved.  Participants can also form teams to share their laptops and hack the site faster.  The session is expected to run from 6:30pm to around 8pm.
 
  
Unfortunately there will not be any pizza at this session, however there will be an opportunity to socialize with Mark, Paul and the other attendees afterwards.
+
Kuskos - Threat Center Manager at Whitehat
  
Note: To prepare your laptop for the session, please install the Firefox browser (or Google Chrome) and a proxy such as OWASP ZAP (free) or Burp.  
+
Every year the security community produces a stunning number of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile platform equivalents. Beyond individual vulnerabilities with CVE numbers or system compromises, we are solely focused on new and creative methods of Web-based attack. Now in its tenth year, the Top 10 Web Hacking Techniques list encourages information sharing, provides a centralized knowledge base, and recognizes researchers who contribute excellent research. 
 +
 
 +
 
 +
'''Open Source Security – What Security Testing Tools Miss'''
 +
 
 +
Mike Pittenger - VP of Security Strategy for Blackduck
 +
 
 +
Static analysis, dynamic analysis, and other testing tools are all essential weapons against adversaries. But for the 80%+ of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks . This presentation will cover:
 +
• The value of static and dynamic tools, and where they best fit in the Secure Development Lifecycle
 +
• Why these tools are not useful in identifying known vulnerabilities in open source components
 +
• Controls development and security professionals can deploy to select, detect, manage and monitor open source for existing and newly disclosed vulnerabilities.  
  
You can RSVP for the event at the OWASP Belfast Meetup group at http://www.meetup.com/OWASP-Belfast/events/226561409/
 
  
 
Sign-up for the OWASP Belfast mailing list for more information about this session, and other security related topics, at http://lists.owasp.org/mailman/listinfo/owasp-Belfast
 
Sign-up for the OWASP Belfast mailing list for more information about this session, and other security related topics, at http://lists.owasp.org/mailman/listinfo/owasp-Belfast

Revision as of 14:01, 10 March 2016

OWASP Belfast

Welcome to the Belfast chapter homepage.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


OWASP Belfast Sponsorship Opportunities

There are many ways you can help the OWASP Belfast Chapter spread the word about computer security and secure coding. Including the following:

  • If you have a room available to hold a meeting, let us know.
  • Companies can cover the OWASP membership costs of their employees.
  • Supply a speaker on a topic of interest to the OWASP Belfast members, or cover their costs to present.
  • Sponsor food and drink for a session.
  • Further sponsorship can be provided directly to the OWASP Belfast Chapter itself, using the link above. Direct sponsorship allows the OWASP Belfast Board to use the funds as needed to run events.

In return for any sponsorship we can add your company to our list of sponsors on the OWASP Wiki and Meetup sites, and share communications with session attendees. Contact the OWASP Belfast Board (below) for more details.

OWASP Belfast Board

The OWASP Belfast Chapter Leaders are:


About OWASP Belfast

What is OWASP Belfast?

OWASP Belfast is just one of over 100 OWASP Chapters around the world, including 4 in Ireland and 12 in the UK, where people meet to learn about and discuss software security topics. The OWASP organization also has lots of active projects that volunteers can participate in to create code and documents for the worldwide security community. The OWASP Top 10 project is the most famous of those projects.

Who is OWASP Belfast for?

It's for programmers, testers, students, project managers, development managers and security experts to collaborate and drive discussion on application security topics. Participation in the mailing lists and attendance at the OWASP Belfast sessions are free, in fact many of the events will provide food and drinks to attendees.

Why be part of OWASP Belfast?

  • The community organizes sessions where experts from across the industry (and globe) give presentations and seminars about application security topics.
  • Attendance and participation in the community increases knowledge and skills, allowing people to stand out from the crowd.
  • Opportunity to network with other Software Professionals and keep in touch with job opportunities in the region.


Local News

OWASP Belfast Chapter Session - Monday March 14th

7:00 PM Queens Ashby Building Stranmillis Rd, Belfast BT9 5AG, Belfast

Register at http://www.meetup.com/OWASP-Belfast/events/228894486/

OWASP Belfasts' March session has two great talks planned, along with the usual pizza and beers (kindly sponsored by Vertical Structure).

Top 10 WebHacks of 2015


Kuskos - Threat Center Manager at Whitehat

Every year the security community produces a stunning number of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile platform equivalents. Beyond individual vulnerabilities with CVE numbers or system compromises, we are solely focused on new and creative methods of Web-based attack. Now in its tenth year, the Top 10 Web Hacking Techniques list encourages information sharing, provides a centralized knowledge base, and recognizes researchers who contribute excellent research.


Open Source Security – What Security Testing Tools Miss

Mike Pittenger - VP of Security Strategy for Blackduck

Static analysis, dynamic analysis, and other testing tools are all essential weapons against adversaries. But for the 80%+ of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks . This presentation will cover: • The value of static and dynamic tools, and where they best fit in the Secure Development Lifecycle • Why these tools are not useful in identifying known vulnerabilities in open source components • Controls development and security professionals can deploy to select, detect, manage and monitor open source for existing and newly disclosed vulnerabilities.


Sign-up for the OWASP Belfast mailing list for more information about this session, and other security related topics, at http://lists.owasp.org/mailman/listinfo/owasp-Belfast