This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Bristol"
| Line 14: | Line 14: | ||
| − | '''Date''': Thursday, | + | '''Date''': Thursday, 17th March 2016, 19:00 |
| − | '''Location''': | + | '''Location''': Cray - Broad Quay House, Broad Quay, Bristol BS1 4DJ, Bristol |
| − | '''Registration''': | + | '''Registration''': http://www.meetup.com/OWASP-Bristol/events/228380487/ |
| − | '''Event sponsors''': | + | '''Event sponsors''': Cray Supercomputers |
| + | |||
| + | '''Agenda''': | ||
| + | |||
| + | * 7:00pm - Social | ||
| + | * 7:25pm - OWASP updates / Speakers intro | ||
| + | * 7:30pm - Presentation 1: Dinis Cruz - "New Era of Software with modern Application Security" | ||
| + | * 8:15pm - Presentation 2: Scott Alexander-Bown - "Android app security on a shoestring budget" | ||
| + | |||
| + | '''Presentation 1''': New Era of Software with modern Application Security | ||
| + | |||
| + | '''Abstract''': This presentation will start with an overview of the current state of Application Insecurity (with practical examples). This will make the attendees think twice about what is about to happen to their applications. The solution is to leverage a new generation of application security thinking such as: TDD, Docker, Test Automation, Static Analysis, cleaver Fuzzing, JIRA Risk workflows, Kanban, micro web services visualization, and ELK. These practices will not only make applications/software more secure/resilient, but it allow them to be developed in a much more efficient, cheaper and productive way. | ||
| + | |||
| + | '''Bio''': Dinis is focused on creating Application Security teams and providing Application Security assurance across the SDL (from development, to operations, to business processes, to board-level decisions). His focus is in the alignment of the business’s risk appetite with the reality created by Applications developed internally, outsourced or purchased. He is also an active Developer and Application Security Engineer focused on how to develop secure applications. A key drive is on 'Automating Application Security Knowledge and Workflows' which is the main concept behind the OWASP O2 Platform. | ||
| + | |||
| + | |||
| + | |||
| + | '''Presentation 2''': Android app security on a shoestring budget | ||
| + | |||
| + | '''Abstract''': Even with all the time & budget in the world you can't make a completely bulletproof app, so how do you stand a chance with a real world app? Real world apps have limited budget, are short on time and the task priorities are often decided by the security oblivious client/project managers. | ||
| + | |||
| + | So what can we developers do to increase our app’s security and help protect our professional reputation? Where should we focus our app security effort? Isn’t security really difficult? and what gives us the biggest bang for our buck? | ||
| + | |||
| + | We will answer these questions and show that improving your security need not be technically challenging or time consuming. Also I’ll illustrate that it doesn’t necessarily need buy-in from stakeholders. | ||
| + | |||
| + | We’ll be using commercially viable open source libraries to level up your app’s network verification, tamper protection, device integrity checks and more! while keeping in mind a shoestring budget! | ||
| + | |||
| + | Many of the presented security protection techniques can be applied to iOS apps too, however the focus and examples will be Android. | ||
| + | |||
| + | '''Bio''': Scott is a Lead Android Developer and co-author of the Android Security Cookbook. Founder of SWmobile, a mobile developer focused meetup.com group with 650+ members. Creator of several open source Android security libraries. Enjoys spending time with his young family, running, Mexican food, Belgium beer and reading. | ||
| + | |||
| + | |||
| + | '''Date''': Friday, 20th May 2016, 18:00 | ||
| + | |||
| + | '''Location''': KMPG | ||
| + | |||
| + | '''Registration''': | ||
| + | |||
| + | '''Event sponsors''': KPMG | ||
= Past Events = | = Past Events = | ||
Revision as of 18:35, 9 March 2016
OWASP Bristol, UK
Welcome to the Bristol, UK chapter homepage. Details of the chapter leaders are here Bristol_Chapter_Leaders.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
<paypal>Bristol UK</paypal>
Please contact Bristol Chapter Leaders if you have further questions.
Chapter Sponsors
The following are the list of OWASP Corporate Members who have generously aligned themselves with the Bristol chapter, therefore contributing funds to our chapter:
Meeting Sponsors
The following is the list of organisations who have generously provided us with space for Bristol chapter meetings:
Chapter Meetings
Date: Thursday, 17th March 2016, 19:00
Location: Cray - Broad Quay House, Broad Quay, Bristol BS1 4DJ, Bristol
Registration: http://www.meetup.com/OWASP-Bristol/events/228380487/
Event sponsors: Cray Supercomputers
Agenda:
- 7:00pm - Social
- 7:25pm - OWASP updates / Speakers intro
- 7:30pm - Presentation 1: Dinis Cruz - "New Era of Software with modern Application Security"
- 8:15pm - Presentation 2: Scott Alexander-Bown - "Android app security on a shoestring budget"
Presentation 1: New Era of Software with modern Application Security
Abstract: This presentation will start with an overview of the current state of Application Insecurity (with practical examples). This will make the attendees think twice about what is about to happen to their applications. The solution is to leverage a new generation of application security thinking such as: TDD, Docker, Test Automation, Static Analysis, cleaver Fuzzing, JIRA Risk workflows, Kanban, micro web services visualization, and ELK. These practices will not only make applications/software more secure/resilient, but it allow them to be developed in a much more efficient, cheaper and productive way.
Bio: Dinis is focused on creating Application Security teams and providing Application Security assurance across the SDL (from development, to operations, to business processes, to board-level decisions). His focus is in the alignment of the business’s risk appetite with the reality created by Applications developed internally, outsourced or purchased. He is also an active Developer and Application Security Engineer focused on how to develop secure applications. A key drive is on 'Automating Application Security Knowledge and Workflows' which is the main concept behind the OWASP O2 Platform.
Presentation 2: Android app security on a shoestring budget
Abstract: Even with all the time & budget in the world you can't make a completely bulletproof app, so how do you stand a chance with a real world app? Real world apps have limited budget, are short on time and the task priorities are often decided by the security oblivious client/project managers.
So what can we developers do to increase our app’s security and help protect our professional reputation? Where should we focus our app security effort? Isn’t security really difficult? and what gives us the biggest bang for our buck?
We will answer these questions and show that improving your security need not be technically challenging or time consuming. Also I’ll illustrate that it doesn’t necessarily need buy-in from stakeholders.
We’ll be using commercially viable open source libraries to level up your app’s network verification, tamper protection, device integrity checks and more! while keeping in mind a shoestring budget!
Many of the presented security protection techniques can be applied to iOS apps too, however the focus and examples will be Android.
Bio: Scott is a Lead Android Developer and co-author of the Android Security Cookbook. Founder of SWmobile, a mobile developer focused meetup.com group with 650+ members. Creator of several open source Android security libraries. Enjoys spending time with his young family, running, Mexican food, Belgium beer and reading.
Date: Friday, 20th May 2016, 18:00
Location: KMPG
Registration:
Event sponsors: KPMG
We are looking for organizations to sponsor the Bristol chapter.
You can sponsor the chapter for one year at the following levels:
- £2000 Platinum
- £1000 Gold
- £500 Silver
If you are interested in sponsoring the chapter then please get in touch with one of the Bristol Chapter Leaders.
Call for Presentations
As a speaker please review the OWASP speaker agreement
Stay in contact:
|
|
|
