|
|
(103 intermediate revisions by 8 users not shown) |
Line 1: |
Line 1: |
− | {{Chapter Template|chaptername=Ireland|extra= [[File:Ireland-logo.jpg]]| mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-ireland}} become a [http://www.owasp.org/index.php/Membership#Categories_of_Membership_.26_Supporters Member or Annual Chapter Sponsor(s)]. <br>
| |
| | | |
− | == OWASP Ireland Board ==
| + | [[File:Owasp_logo_ireland_small.jpg]] |
| | | |
− | Should you have a question about the local chapter, would like to get more involved contact ANY of the following people below <br><br>
| + | |
| + | |meetupurl=https://www.meetup.com/OWASP-Dublin/|region=Europe}} |
| | | |
− | *'''President''' [mailto:fcerullo(at)owasp.org Fabio Cerullo] +353877817468<br>
| + | == Local News == |
− | *'''Vice President/Global Board Member''' [[User:EoinKeary | Eoin Keary]] <br>
| |
− | *'''Secretary''' [mailto:rahim.jina(at)owasp.org Rahim Jina] TBD<br>
| |
| | | |
− | <br>'''OWASP Ireland'''<br>23 The Chandler, Rahtborne Village <br>Ashtown, Dublin 15, Ireland <br>Tel: +353877817468 | Fax: +353877817468 <br><paypal>Ireland</paypal> <br>
| + | Everyone is welcome to join us at our chapter meetings. |
| | | |
− | == OWASP Ireland 2010 ==
| + | [[Category:OWASP Chapter]] |
− | Click [[OWASP IRELAND 2010]] for more information <br><br>
| |
− | | |
− | == OWASP Ireland 2010 Agenda ==
| |
− | | |
− | <br>
| |
− | | |
− | ==== APR 2010 ====
| |
− | | |
− | == OWASP Live CD - An open environment for Web Application Security ==
| |
− | | |
− | '''When:''' 16/4/2010 2:30pm - 5:00pm <br>
| |
− | | |
− | '''Where:''' Ernst & Young, Harcourt Street, Dublin 2, Opposite the Odeon Pub, Dublin, Ireland
| |
− | | |
− | '''Sponsors:''' [[File:Ey_logo.gif]]<br>
| |
− | | |
− | '''Title:''' OWASP Live CD - An open environment for Web Application Security <br>
| |
− | '''Abstract:''' This CD collects some of the best open source security projects in a single environment. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. This presentation aims to provide a showcase for the great OWASP tools and documentation materials available in the CD, tips and tricks, and also some introductory stuff regarding code review and penetration testing.
| |
− | <br>
| |
− | Training is aimed at introductory /intermediate level in terms of pen testing, code review and tools.
| |
− | | |
− | '''Presenters:'''
| |
− | | |
− | '''Rahim Jina'''
| |
− | <br>
| |
− | Rahim Jina currently works as a senior consultant for Ernst & Young's Risk Advisory Services in Dublin. He has worked there for nearly four years primarily delivering penetration testing services to clients globally, focusing on web applications and secure code review.
| |
− | He has been involved with OWASP for the past two years, being involved in the Summer of Code 2008 as lead reviewer for the Code Review Guide 2009. He has also made contributions to the SAMM project (OpenSAMM).
| |
− | He holds an MSC in Security and Forensic Computing from DCU and a degree in computer science from Trinity college.
| |
− | <br>
| |
− | '''Eoin Keary'''
| |
− | <br>
| |
− | Eoin is a long time member of OWASP and have contributed year on year to OWASP projects and the OWASP mission of fighting the causes of software insecurity. He is based in Dublin, Ireland and run the Ernst & Young application security team across Europe. His OWASP contributions to date include the OWASP Code Review Guide, OWASP Testing Guide, OWASP SAMM, and OWASP ASVS. He is a member of the OWASP Global Industry Committee, chair of the OWASP Conferences Committee and member of the OWASP Global Board. Eoin founded the OWASP Ireland chapter back in 2004 and currently serves as Vice President of the OWASP Ireland Board.
| |
− | | |
− | '''Pictures from the event:'''
| |
− | | |
− | <center>
| |
− | <table>
| |
− | <tr>
| |
− | <td>
| |
− | [http://www.owasp.org/images/d/db/P1040923_1024.JPG http://www.owasp.org/images/2/24/P1040923_small.jpg]<br>[http://www.owasp.org/images/d/db/P1040923_1024.JPG zoom]
| |
− | </td>
| |
− | <td>
| |
− | [http://www.owasp.org/images/f/f3/P1040927_1024.JPG http://www.owasp.org/images/e/ec/P1040927_small.jpg]<br>[http://www.owasp.org/images/f/f3/P1040927_1024.JPG zoom]
| |
− | </td>
| |
− | <td>
| |
− | [http://www.owasp.org/images/6/64/P1040929_1024.JPG http://www.owasp.org/images/b/b1/P1040929_small.jpg]<br>[http://www.owasp.org/images/6/64/P1040929_1024.JPG zoom]
| |
− | </td>
| |
− | </tr>
| |
− | </table>
| |
− | </center>
| |
− | | |
− | | |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' Odeon Pub <br>
| |
− | | |
− | '''Where:''' After OWASP Live CD training <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== JUN 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== JUL 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== AUG 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== SEP 2010 ====
| |
− | | |
− | == APPSEC IRELAND 2010 ==
| |
− | | |
− | Due to popular demand we are hosting the 2nd OWASP IRELAND event, '''OWASP Ireland 2010'''.
| |
− | <br> Continuing last years highly successful conference, with more than 150 attendees from across the globe OWASP is happy to repeat this positive experience.
| |
− | <br>Delegates from numerous industry verticals attended the 2009 event; from government to finance to telecoms.
| |
− | Share your thoughts at this open event with some of the most experienced individuals in the information security industry.
| |
− | | |
− | <br>''More info about this upcoming event coming soon.''<br>
| |
− | | |
− | '''When:''' '''September 2010 - exact date to be confirmed'''<br>
| |
− | | |
− | '''Where:''' Trinity College Dublin, The Hamilton Building <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [[Eoin_Keary|Eoin Keary]]. <br>
| |
− | | |
− | '''Subscribe to the OWASP Ireland [https://lists.owasp.org/mailman/listinfo/owasp-ireland mail list] for the up-to-date information.'''
| |
− | | |
− | | |
− | ==== OCT 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== NOV 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | ==== DEC 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | | |
− | ==== 2010 Chapter Plan ====
| |
− | | |
− | '''Special Project:'''Educational Outreach<br>Summary: Drive education awareness of OWASP among Irish Universities and Third Level Institutions. <br>Plan: <insert plan> <br>Next Milestone: Update the plan<br>Participants: Fabio Cerullo <br><br>
| |
− | | |
− | '''Special Project:'''Industry Outreach<br>Summary: Raise awareness of OWASP among Irish industry.<br>Plan: <insert plan> <br>Next Milestone: Update the plan<br>Participants: Eoin Keary<br><br>
| |
− | | |
− | '''Special Project:'''Membership Drive <br>Summary: Increase local chapter members individuals and corporate supporters <br>Plan: <insert> <br>Next Milestone: Update the plan<br>Project Participants: Rahim Jina<br><br>
| |
− | | |
− | '''Special Project:'''Hands-On Training<br>Summary: Provide 1-day, 3-day and 5-day hands-on classroom / online training classes<br>Next Milestone: Organize Training Offerings<br>Project Participants: Fabio Cerullo<br><br>
| |
− | | |
− | | |
− | Call For Presentations for 2010 is now open - please contact fcerullo(@)owasp.org / +353877817468 if you would like to speak or can host a meeting. <br><br>*Note meeting hosts are provided with annual chapter sponsorship and free seats in training classes. The OWASP Foundation, Ireland chapter focuses on implementation of efforts defined by the [http://www.owasp.org/index.php/Global_Committee_Pages Global Committee] as well as new concepts and ideas defined locally. Below are a list of ACTIVE projects assigned to individual active members and teams within the local chapter. If you would like to help out on ANY of these efforts, contact them directly to get involved
| |
− | | |
− | ==== FEB 2010 ====
| |
− | | |
− | == OWASP Ireland Event - What is the O2 Platform? ==
| |
− | | |
− | '''When:''' 19/2/2010 3:00pm - 5:00pm <br>
| |
− | | |
− | '''Where:''' Ernst & Young, Harcourt Street, Dublin 2, Opposite the Odeon Pub, Dublin, Ireland
| |
− | | |
− | '''Sponsors:''' [[File:Ey_logo.gif]]<br>
| |
− | | |
− | '''Title:''' OWASP O2 Platform - Open Platform for automating application security knowledge and workflows <br>'''Abstract:''' In this talk Dinis Cruz will show the OWASP O2 Platform which is an open source toolkit specifically designed for developers and security consultants to be able to perform quick, effective and thorough 'source-code-driven' application security reviews. The OWASP O2 Platform (http://www.owasp.org/index.php/OWASP_O2_Platform) consumes results from the scanning engines from Ounce Labs, Microsoft's CAT.NET tool, FindBugs, CodeCrawler and AppScan DE, and also provides limited support for Fortify and OWASP WebScarab dumps. In the past, there has been a very healthy skepticism on the usability of Source Code analysis engines to find commonly found vulnerablities in real world applications. This presentation will show that with some creative and powerful tools, it IS possible to use O2 to discover those issues. This presentation will also show O2's advanced support for Struts and Spring MVC.
| |
− | | |
− | '''Presenter:''' Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET/J2EE Application Security, Application Security audits and .NET Security Curriculum Development. For the past years Dinis has focused on the field of Static Source Code analysis, from May 2007 to Dec 2009 he worked as a independent consultant for Ounce Labs (bought by IBM in July 2009) where during active security engagements using Ounce's technology he developed the Open Source codebase which now is the foundation of the OWASP O2 Platform. Dinis is currently focused on making the O2 Platform the industry standard for consuming, instrumenting and data-sharing between the multiple WebAppSec tools, the Security consultants and the final developers. Dinis is a also active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG (at multiple locations including BlackHat), and has delivered a number of presentations and keynote speeches at multiple OWASP and Security related conferences. At OWASP, Dinis is the leader of the [[OWASP O2 Platform]] project, member of the OWASP [[Global Projects Committee]], chair of the [[OWASP Connections Committee]] and member of the [[About_The_Open_Web_Application_Security_Project#Global_Board_Members|OWASP Board]].
| |
− | | |
− | '''Download Presentation:''' http://www.o2-ounceopen.com/files-binaries-source-and-demo/old-documents-and-presentations/OWASP_O2_Platform_-_AppSec_Ireland_Sep_2009.pdf
| |
− | | |
− | == IISF/OWASP – February Chapter Meeting ==
| |
− | | |
− | '''When:''' 25/2/2010 2:00pm - 4:00pm <br>
| |
− | | |
− | '''Where:''' Georgian Suite, Buswells Hotel, Molesworth St., Dublin 2
| |
− | | |
− | '''Title:''' An overview of Web Application Security threats and technologies.
| |
− | Practical advice and techniques for improving Application Security, presented by OWASP.
| |
− | | |
− | 2:00 - Introduction by IISF Chairman
| |
− | | |
− | 2:05 - Presentation : “Practical advice for improving Application Security”
| |
− | - Introduction to OWASP and OWASP Top Ten
| |
− | - Demonstration video of typical web based attacks with high level explanation
| |
− | - Live SQL injection demo using WebGoat & WebScarab
| |
− | - Live Cross Site Scripting demo using WebGoat & WebScarab
| |
− | | |
− | '''Download Presentation:''' [[File:IISF_250210_part1.ppt]]
| |
− | | |
− | 3:00 - Coffee
| |
− | | |
− | 3:20 – Presentation continues
| |
− | - Application Security: "The problems we are faced with"
| |
− | - The Application Security Verification Standard
| |
− | - SDLC & Security Assurance Maturity Model
| |
− | - Code Review versus traditional Runtime Testing.
| |
− | - Q&A
| |
− | | |
− | '''Download Presentation:''' [[File:IISF_250210_part2.pptx]]
| |
− | | |
− | 4:00 - Close of Meeting
| |
− | | |
− | 4:05 - Traditional networking in Buswells Bar
| |
− | | |
− | | |
− | ==== MAR 2010 ====
| |
− | | |
− | == APPSEC IRELAND INFORMAL MEET-UP - 26/3/2010 ==
| |
− | | |
− | This is a informal gathering to meet others in information security and have a pint ;) all are welcome <br>
| |
− | | |
− | '''When:''' TBD <br>
| |
− | | |
− | '''Where:''' TBD <br>
| |
− | | |
− | '''Sponsors:''' In case you want to sponsor this event, please contact [mailto:fcerullo(at)owasp.org Fabio Cerullo]. <br>
| |
− | | |
− | | |
− | | |
− | | |
− | | |
− | __NOTOC__ <headertabs />
| |
− | | |
− | [[Category:Ireland]]
| |
Everyone is welcome to join us at our chapter meetings.