This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Belgium

From OWASP
Revision as of 15:12, 29 May 2017 by Thomas Herlea (talk | contribs) (Linked to page with 2016 events instead of transcluding it.)

Jump to: navigation, search

OWASP Belgium

Welcome to the Belgium chapter homepage. The chapter leader is Sebastien Deleersnyder


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Upcoming events

Upcoming chapter meetings

See https://www.owasp.org/index.php/Belgium#Chapter_Meetings for more details.

Stay in touch

Meetup-logo-2x.png Join the list.png Follow-us-on-twitter.png Linkedin-button.gif

If you want to be invited for the next OWASP Belgium Chapter meetings, please drop us your contact info.

Structural Sponsors 2017

OWASP Belgium thanks its structural chapter supporters for 2017 and the OWASP BeNeLux Days 2016:

VeraCode logo.png Vest.jpg Intigriti verticaal.jpg Ecurify-2016.png HPE logo 250.png LogoToreon.jpg Zionsecurity.jpg Nviso logo RGB baseline 200px.png Whitehat-security hor.jpg

If you want to support our chapter, please contact Seba Deleersnyder

19 June 2017 Meeting

WHEN

Monday 19 June 2017

WHERE

Host
NVISO
Address
Sinter-Goedelevoorplein 5 Parvis Sainte Gudule,
1000 Brussels
(map, directions)

PROGRAM

The agenda:

  • 18h00 - 18h50: Welcome & sandwiches
  • 18h50 - 19h00: OWASP Update (by Sebastien Deleersnyder, OWASP)
Abstract: The OWASP Summit 2017 is a 5-day participant driven event, dedicated to the collaboration of Development and Security professionals, with a strong focus on DevSecOps. This session will be a debriefing of what was delivered by 130+ participants in 145 Working Sessions :-).
Bio: Sebastien is an OWASP volunteer, Summit co-organizer and application security consultant at Toreon."
Abstract: Everyone knows you ought to threat model, but in practical reality it turns out to be tricky. If past efforts to threat model haven't panned out, perhaps part of the problem is confusion over what works, and how the various approaches conflict or align. This talk captures lessons from years of work helping people throughout the software industry threat model more effectively. It's designed to help security pros, developers and systems managers, all of whom will leave with both threat modeling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.
Bio: Adam is a consultant, entrepreneur, technologist, author and game designer. He's a member of the BlackHat Review Board, and helped found the CVE and many other things. He's currently helping a variety of organizations improve their security, and advising and mentoring startups as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of "Threat Modeling: Designing for Security," and the co-author of "The New School of Information Security."
  • 20h30 - ... : Reception

REGISTRATION

Please register via EventBrite: https://owasp-belgium-2017-06-19.eventbrite.com

Coverage

29 May 2017 Meeting

WHEN

Monday 29 May 2017

WHERE

Host
Ernst & Young
Address
De Kleetlaan 2,
1831 Machelen
(map, directions)

PROGRAM

The agenda:

Abstract: Today, the classic infection vectors remain SMTP and HTTP. Many spam & phishing campaigns are delivered to the victim’s mailbox and usually the next step of the attack is performed on top of HTTP, by visiting a malicious website or downloading a piece of malicious code. This talk will be split in two parts. To begin, I’ll explain how HTTP techniques are used to make the life of security researchers and incident handlers more difficult (attackers use many techniques to prevent access to their juicy data). The next part will demonstrate that attackers are also humans and make mistakes like all of us. They also need to follow the OWASP Top-10! I’ll review some example of bad code / bad configuration that I found during my investigations.
Bio: Xavier Mertens is a freelance security consultant based in Belgium. His job focuses on protecting his customers by applying “offensive” (pentesting) as well as “defensive” security (incident handling, log management, SIEM, security visualisation, OSINT). Xavier is also a SANS Internet Storm Center handler (https://isc.sans.org). He’s also maintaining his security blog (https://blog.rootshell.be) and is a co-organizer of the BruCON security conference (http://www.brucon.org).
  • 19h45 - 20h30: Reverse engineering with Panopticon: a Libre Cross-Platform Disassembler (by Kai Michaelis)
Abstract: The Panopticon project aims to develop a tool to end the dominance of proprietary software for reverse engineering.
Panopticon is a graphical disassembler written in Rust that runs on GNU/Linux, Windows and OS X, which aims to create a free replacement for tools like IDA Pro and BinDiff.
What sets Panopticon apart from other free disassembler is the belief that an intuitive GUI is paramount to aid human analysts to understand as much of the binary as possible. As such Panopticon comes with an Qt 5 UI written in QML that allows browsing and annotating control flow graphs.
Bio: Kai Michaelis studies IT-Security in Bochum, Germany and works part-time on Free Software. When he's not on the campus you can meet him at the local hackerspace. His interests are program analysis, reverse engineering and cryptography.
  • 20h30 - ... : Reception

REGISTRATION

Please register via EventBrite: https://owasp-belgium-2017-05-29.eventbrite.com

Coverage

Photo from the 2017-05-29 meeting of the Belgian OWASP chapter

28 February 2017 Meeting

WHEN

Tuesday 28 Feburary 2017

WHERE

Host
Distrinet Research Group (KU Leuven) (Both speakers are faculty of the Secure Application Development course held in Leuven from 2017-02-27 to 2017-03-03.)
Address
Department of Computer Science (foyer at ground floor)
Celestijnenlaan 200 A
3001 Heverlee
(map, directions)

PROGRAM

The agenda:

Abstract: TBD
Bio: Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. Jim is a frequent speaker on secure software practices and is a member of the Java-One Rock Star speaker community. Jim was a Global Board Member for the OWASP foundation and is the author of "Iron-Clad Java: Building Secure Web Applications" from McGraw-Hill..
Abstract: Not a day goes by without a story on a Web security incident somewhere. A data breach disclosing millions of people’s details. A defacement of a major Web site. Malware served from a legitimate Web site to thousands of users. Contrary to popular belief, the people running these Web sites are generally not clueless about security, but getting it right is just not that easy. Recent evolutions, like the rise of public networks, or the strong dependence on third-party code, have made it easier to attack Web sites, and harder to defend them. Join us to get an overview of these threats, and to take a dive into HTTP Strict Transport Security (HSTS), one of the latest Web security technologies that really help you improve security.
Bio: Philippe De Ryck is a professional speaker and trainer on software security and web security. Since he obtained his PhD at the imec-DistriNet research group (KU Leuven, Belgium), he has been running the group's Web Security Training program, which ensures a sustainable knowledge transfer of the group’s security expertise towards practitioners.

REGISTRATION

Please register via EventBrite: https://owasp-belgium-2017-02-28.eventbrite.com

Coverage

Previous Years

The Belgium Chapter is supported by the following board:

  • Sebastien Deleersnyder, Toreon
  • Erwin Geirnaert, Zion Security
  • Philippe Bogaerts, AviNetworks
  • Lieven Desmet, KU Leuven
  • Bart De Win, PWC
  • David Mathy, Freelance
  • Adolfo Solero, Freelance
  • Stella Dineva, Ingenico Payment Services
  • Thomas Hermes, NVISO

Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.