Difference between revisions of "Birmingham"

Latest revision as of 15:30, 12 August 2019

1 OWASP Birmingham, UK
2 Participation
3 Sponsorship/Membership
4 Next Meeting / Event

OWASP Birmingham, UK

Welcome to the Birmingham, UK chapter homepage. The Chapter Leaders are Nathan Britton and Jim Gumbley.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Next Meeting / Event

Would love to see you join us at our second OWASP Birmingham Chapter meetup since its reboot.

Location: Join us @Trowers & Hamlins LLP on Colmore Row (5 mins from New Street Station) on Thursday 11th July for two great infosec talks!

Meetup Schedule:

5.45pm - Doors open

6.00pm - Welcome and Food

6.30pm - TALK: “The Rise of Cryptocurrency Exploits and Facebook’s Libra” - Vladlena Benson (PDF)

7.15pm - Break and gathering input on future events

7.30pm - TALK: “Advances in modern Attack Bots” - David Warburton (PDF)

8.15pm - Close

Here are details of the talks!

“The Rise of Cryptocurrency Exploits and Facebook’s Libra” - Vladlena Benson is Director of the Cybersecurity & Innovation Cluster at #

Aston Business School and a Professor of Cybersecurity

With Facebook plans to launch its cryptocurrency Libra, Vladena asks, should we be concerned? Does the data usage of Facebook users

jeopardise the anonymity of cryptocurrency payments? Will the involvement of a number of data giants/monopolies further take the

data ownership away from users? Can regulation stay up to speed with cryptocurrencies? Can the security of cryptocurrencies which rely

on existing algorithms remain secure when constantly challenged by cyber attackers?

“Advances in modern Attack Bots” - David Warburton is an information security threat researcher for F5 Labs where he works on identifying

emerging cyber threats

Bots are a nuisance and the weapon of choice for DDoS attacks. But modern bots are capable of much more and are claimed to be behind

three quarters of all attacks that hit web sites and APIs. Bots now evade controls which try to differentiate between bots and humans.

Techniques to prevent attacks need to evolve. David will explain what bots are and how they’re created, what they’re now capable of,

which industries are most affected by them and how they are evolving to avoid our current defences.

Here is Trowers page on finding the location: https://www.trowers.com/offices/birmingham/location

You will need to be registered to be granted entry. So please do register.

See you all there. Can't wait.

Nathan + Jim

@@ Line 1: / Line 1: @@
+{{Chapter Template|chaptername=Birmingham, UK|extra= The Chapter Leaders are [mailto:[email protected] Nathan Britton] and [mailto:[email protected] Jim Gumbley].
-{{Chapter Template|chaptername=Birmingham, UK|extra=Details of your our Chapter Leaders are  here [[Birmingham_Chapter_Leaders]] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-birmingham|emailarchives=http://lists.owasp.org/pipermail/owasp-birmingham}}
+|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-birmingham|emailarchives=http://lists.owasp.org/pipermail/owasp-birmingham}}
-If you would like to submit a talk then please [https://docs.google.com/a/fishermansenemy.com/spreadsheet/viewform?formkey=dEtraldFSkh4YWxPWkxwdVFfcGNGRHc6MQ#gid=0 fill in this form]
-OWASP is a charitable organisation. Our chapter meetings are free to attend but there are always costs associated with running them. Any amount of donation is appreciated and will be used entirely to enhance the chapter meetings: <paypal>Birmingham UK</paypal>
+== Next Meeting / Event ==
+Would love to see you join us at our second OWASP Birmingham Chapter meetup since its reboot.
-== Sponsors ==
+'''Location:''' Join us '''@Trowers & Hamlins LLP''' on Colmore Row (5 mins from New Street Station) on Thursday 11th July for two great infosec talks!
-Many thanks to our first silver sponsor, [https://www.hedgehogsecurity.co.uk/ Hedgehog Security]
+Meetup Schedule:
-[[File:Hedgehogsec.jpg|200px|thumb|left]]
+.45pm - Doors open
+.00pm - Welcome and Food
+.30pm - TALK: “The Rise of Cryptocurrency Exploits and Facebook’s Libra” - Vladlena Benson ([[Media:OWASPBham_July2019_The_Rise_of_Cryptocurrency_Malware.pdf|PDF]])
+.15pm - Break and gathering input on future events
+.30pm - TALK: “Advances in modern Attack Bots” - David Warburton ([[Media:OWASPLondon_20190718_AdvancedBots_warburtr0n.pdf|PDF]])
+.15pm - Close
+Here are details of the talks!
+'''“The Rise of Cryptocurrency Exploits and Facebook’s Libra”'''  - ''Vladlena Benson is Director of the Cybersecurity & Innovation Cluster at #''
+''Aston Business School and a Professor of Cybersecurity''
+With Facebook plans to launch its cryptocurrency Libra, Vladena asks, should we be concerned? Does the data usage of Facebook users
-= Next Meeting =
+jeopardise the anonymity of cryptocurrency payments? Will the involvement of a number of data giants/monopolies further take the
-== Date ==
+data ownership away from users? Can regulation stay up to speed with cryptocurrencies? Can the security of cryptocurrencies which rely
-th August at 18:30
-== Location ==
-Birmingham Science Park
-Faraday Wharf, Holt Street,
-Birmingham, B7 4BB, UK
-== Tickets ==
+on existing algorithms remain secure when constantly challenged by cyber attackers?
-'''Tickets''' at [http://owaspbrum.eventbrite.co.uk eventbrite]
+'''“Advances in modern Attack Bots”''' - ''David Warburton is an information security threat researcher for F5 Labs where he works on identifying''
-== Talks ==
+''emerging cyber threats''
-SC magazine rising star award winner '''David Rook''' will be back in Birmingham to give this months first talk.
-'''Windows Phone 7 platform and application security overview'''
+Bots are a nuisance and the weapon of choice for DDoS attacks. But modern bots are capable of much more and are claimed to be behind
-Windows Phone 7 is the latest mobile operating system from Microsoft and is the youngest of all the major smartphone operating systems. Since it was released in late 2010 it has gained a small share of the smartphone market but this is likely to increase significantly with Nokia now using it as the OS for their flagship models.
+three quarters of all attacks that hit web sites and APIs. Bots now evade controls which try to differentiate between bots and humans.
-The young age of the OS and the small market share size means there has been very little security research carried out against this platform so far. This means that developers and security professionals are working with this platform without a detailed understanding of the security features and potential shortcomings.
+Techniques to prevent attacks need to evolve. David will explain what bots are and how they’re created, what they’re now capable of,
-Security should be part of the DNA of any application which stores or transmits sensitive data but how many of the developers with published applications understand common mobile application security vulnerabilities and more importantly how many know how to prevent them in their own applications?
+which industries are most affected by them and how they are evolving to avoid our current defences.
-This presentation will detail the security features of Windows Phone 7 with an emphasis on how developers can produce Windows Phone 7 apps that are free from common mobile application security vulnerabilities.
+Here is Trowers page on finding the location: '''<nowiki>https://www.trowers.com/offices/birmingham/location</nowiki>'''
-This talk will start by looking at why we should care about mobile security, what the implications are for developers and security professionals and how mobile manufacturers and network operators are now a big part of your threat models and how their approach to security could undermine your application security efforts.
+You will need to be registered to be granted entry. So please do register.
-I will then focus on the security model and features of Windows Phone 7 and how these features compare to those found in the iOS and Android operating systems.
+See you all there. Can't wait.
-The final part of this talk will focus on the types of vulnerabilities seen in mobile applications over the past few years and how developers can ensure their Windows Phone 7 apps are free from these vulnerabilities. This will include reviews of insecure and secure code samples from real world applications.
-This talk will arm developers and security professionals with an understanding of the Windows Phone 7 security features and the guidance they need to produce secure Windows Phone 7 apps.
-This talk will include demonstrations of Windows Phone 7 security tools that I'm developing such as the Windows Phone App Analyser.
-'''David Rook''' is the Application Security Lead at Realex Payments in Dublin. He is a contributor to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON, BlackHat USA and RSA Europe. In addition to his work with OWASP David created a security resource website and blog called Security Ninja.
-The Security Ninja blog was nominated for five awards including the best technology blog at the Irish Blog Awards, the Computer Weekly IT Security blog award and was a finalist for the Irish Web Awards Best Technology Site. In 2011 David received a Developer Security MVP award from Microsoft and the SC Magazine Rising Star 2012. David strives to practice what he preaches and has backed up his work experience by developing two open source security code review tools called Agnitio and the Windows Phone App Analyser.
-'''Jamie Riden''' will be giving a short talk on web application honeypots, from history to current work and how they can be of use in researching current techniques of attackers, and in protecting web servers from exploitation even in the face of programming failures.
-The talk will include a live demo of a honeypot
-'''Jamie''' is a published security researcher, specifically in the field of honeypots. He is an active member of the Honeynet Project, having helped set up the current incarnation of the Project's web server, and has supervised students for various honeypot-related projects for the Google Summer of Code.
-He has published several articles on the subject of honeypots, intrusion detection and incident response. He has contributed signatures to the community Snort signature project, http://www.emergingthreats.net/ and has written portions of code for the open source IDS, Suricata
-== Participate ==
-If you'd like to present at one of our meetings then don't forget to fill in the [https://docs.google.com/a/fishermansenemy.com/spreadsheet/viewform?formkey=dEtraldFSkh4YWxPWkxwdVFfcGNGRHc6MQ#gid=0 speaker form]
-= Planned Chapter Meetings =
-August 30th 2012 Venue:Birmingham Science Park
-December 2012 Venue:TBC
-= Past Events =
-[[2012_06_06_Birmingham|6th June]]
-[[2012_23_03_Birmingham|23rd March]]
-[[2011_15_12_Birmingham|15th December]]
-<headertabs />
+Nathan + Jim
 [[Category:OWASP Chapter]]
-[[Category:United Kingdom]]
+[[Category:Europe]]

Difference between revisions of "Birmingham"

Latest revision as of 15:30, 12 August 2019

OWASP Birmingham, UK

Participation

Sponsorship/Membership

Next Meeting / Event

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools