This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Guadalajara"

From OWASP
Jump to: navigation, search
(OWASP 4th chapter meeting 2012 update)
Line 33: Line 33:
  
 
== Conferences, Meetings and Workshops ==
 
== Conferences, Meetings and Workshops ==
 +
 +
'''OWASP Guadalajara - 4th Chapter Meeting 2012'''
 +
 +
'''Location''': Intel Guadalajara
 +
 +
'''Address''':  Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.
 +
 +
'''Meeting Schedule''': Tuesday, December 4th, 2012. From 18:00 to 19:30.
 +
 +
'''Agenda'''
 +
 +
'''OWASP Updates'''
 +
Manuel Lopez and Eduardo Cerna - OWASP Guadalajara
 +
 +
'''How to secure .NET Web Applications'''
 +
Raul Villavicencio Hoyos—Sr Analyst - Apps Prog .NET—Bank of America
 +
'''Objective:'''  Present to IT Developers the .NET Framework built in  features to protect .NET  Web Applications and take advantage of them to avoid the most common attacks,
 +
'''BIO:''' Raul Villavicencio is a Developer/hands on Software Development Life Cycle based in Guadalajara Jalisco. His career span over 6 years including BA Continnum Mexico, Softtek, Jatco Mexico, Nissan Mexicana, Intramart and as Independent Consultant, Education includes Bachelor in Computational Systems Engineering from Universidad Autonoma de Aguascalientes,  Microsoft Technology Specialist/Microsoft Professional Developer on ASP.NET 3.5.
 +
 +
'''PenTest con Herramientas Open Source'''
 +
Santiago Monterrosas—Security Engineer at MCM Telecom
 +
Duramte Julio-Septiembre del presente año se realizo un proyecto de pentesting para un firma de viajes que opera en México y algunos países extranjeros principalmente EU y Europa,  la firma se dedica al turismo y vende reservaciones de hotel, avión, transportación, a personas y grupos, vía Internet. Para realizar los hallazgos en esta fase se acudio a herramientas tradicionales de hacking y para realizar ataques a los objetivos con direcciones IP Públicas se utilizo principalmente backtrack 5. En los ataques se utilzarón dos enfoques, uno basado en la métodología propuesta por Stutard Dafydd y Pinto, Marcus y otro en el enfoque de aplicar tantas herramientas como hallazgos se realicen pero siguiendo el top 10 de OWASP.
 +
 +
----
  
 
'''Festival de Software Libre 2012'''
 
'''Festival de Software Libre 2012'''

Revision as of 05:15, 21 November 2012

OWASP Guadalajara

Welcome to the Guadalajara chapter homepage. The chapter leaders are Manuel Lopez and Eduardo Cerna.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Local News

General Information of OWASP Membership and benefits as well as the Local Chapter offer is here: Media:OWASP_Guadalajara_InfoGral.pptx

Flyer: Media:Membership Flyer Template_Guadalajara.pptx

Meeting Location

Everyone is welcome to join us at our chapter meetings.


OWASP Guadalajara Newsletter

OWASP Guadalajara Monthly Newsletter - Jul2012

Media:OWASP_Guadalajara_NEWSLETTER_JUL_2012.pdf‎


OWASP Guadalajara Monthly Newsletter - May2012

Media:OWASP_Guadalajara_NEWSLETTER_MAY_2012.pdf‎

OWASP Guadalajara Monthly Newsletter - April 2012

Please find the Monthly Bulleting of the OWASP Guadalajara. Please send us your comments and suggestions.

Media:OWASP_Guadalajara_NEWSLETTER_APRIL_2012.pdf


Conferences, Meetings and Workshops

OWASP Guadalajara - 4th Chapter Meeting 2012

Location: Intel Guadalajara

Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.

Meeting Schedule: Tuesday, December 4th, 2012. From 18:00 to 19:30.

Agenda

OWASP Updates Manuel Lopez and Eduardo Cerna - OWASP Guadalajara

How to secure .NET Web Applications Raul Villavicencio Hoyos—Sr Analyst - Apps Prog .NET—Bank of America Objective: Present to IT Developers the .NET Framework built in features to protect .NET Web Applications and take advantage of them to avoid the most common attacks, BIO: Raul Villavicencio is a Developer/hands on Software Development Life Cycle based in Guadalajara Jalisco. His career span over 6 years including BA Continnum Mexico, Softtek, Jatco Mexico, Nissan Mexicana, Intramart and as Independent Consultant, Education includes Bachelor in Computational Systems Engineering from Universidad Autonoma de Aguascalientes, Microsoft Technology Specialist/Microsoft Professional Developer on ASP.NET 3.5.

PenTest con Herramientas Open Source Santiago Monterrosas—Security Engineer at MCM Telecom Duramte Julio-Septiembre del presente año se realizo un proyecto de pentesting para un firma de viajes que opera en México y algunos países extranjeros principalmente EU y Europa, la firma se dedica al turismo y vende reservaciones de hotel, avión, transportación, a personas y grupos, vía Internet. Para realizar los hallazgos en esta fase se acudio a herramientas tradicionales de hacking y para realizar ataques a los objetivos con direcciones IP Públicas se utilizo principalmente backtrack 5. En los ataques se utilzarón dos enfoques, uno basado en la métodología propuesta por Stutard Dafydd y Pinto, Marcus y otro en el enfoque de aplicar tantas herramientas como hallazgos se realicen pero siguiendo el top 10 de OWASP.


Festival de Software Libre 2012

Location: Hotel Holiday Inn, Puerto Vallarta, Jalisco, Mexico

Meeting Schedule: November 1st to November 3rd



OWASP Guadalajara - 3rd Chapter Meeting 2012

Location: Tata Consultancy Services Guadalajara: Auditorium TCS - 2nd. Floor. Av . Camino al Iteso # 8900 int C3 Colonia Pinar de la Calma Tlaquepaque, Jalisco México

Meeting Schedule: Monday September 17th at 17:00-19:30hrs

Material Reviewed

Media:Web_Application_Security_with_OWASP.pptx

Pictures of the Event

3.jpg
4.jpg



Software Guru Conference and Expo

Location: Centro de Convenciones Los Candiles Polanco, Mexico City

Meeting Schedule: Thursday, June 21st, 2012. From 9:00 to 10:00.

Overview

OWASP Guadalajara was invited by Software Guru magazine to participate in one of the most important events for developers in Mexico "Software Guru Conference and Expo 2012". We participated by presenting the topic "OWASP Top 10 Web Application Vulnerabilities". It was a great opportunity to meet with developers and professionals from the IT industry in Mexico but most important, to continue spreading the OWASP word and objective among developers, making them aware about the main risks and vulnerabilities that can be found on web applications as well as the main countermeasures that can prevent those vulnerabilities of being presented on their Web Apps.

We also had the opportunity to talk about the ESAPI and AppSensor OWASP projects and the benefits to implement them; moreover, we discussed about the various OWASP cheat sheets and OWASP Development guides. The audience was very interested and the time was not enough to continue talking about these topics. At the end, they were satissfied with the information provided and the links where they can find all resources needed to build secure applications. The raing of our speech was rated with 4.25/5; being 5 the highest grade!

We are looking forward to continue working with Software Guru!

Material Reviewed

Media:OWASP_Top_10_-_2010_Presentation_SGC.pptx

Pictures of the Event

166015 486522481361507 19875902 n.jpg
528089 486104368069985 1226805377 n.jpg



OWASP Guadalajara - 2nd Chapter Meeting 2012

Location: Intel Guadalajara

Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.

Meeting Schedule: Wednesday, June 20th, 2012. From 18:30 to 20:00.

Speakers Background

Jaime Olmos de la Cruz—IPv6 Task Force Mexico IPv6 Task Force Mexico is by definition a National community integrated by engineers, network designers, operators, ISPs, investigators, students and volunteers motivated to archive a common goal, the development and deploy of networks aware of IPv6 protocol.

Somen Das— Cross-Site Request Forgery Application Security Analyst for Tata Consultancy Services Ltd. Specialized in Static & Dynamic application vulnerability assessment techniques, main focus is spreading awareness on secure application development and related guidelines across industry verticals. Local Chapter Leader - OWASP Bhubaneswar (India).

Eduardo Cerna Meza— Developing Secure Source Code (First Part) Information Security Engineer at Bank of America. Eduardo has over 15 years of experience in IT Management, Network Security and Operations. Core knowledge and skill areas include: Application Security, Vulnerability scanning, Intrusion Detection and Penetration Testing. (Black-Box, Grey-Box, White-Box).

Agenda

Media:OWASP_Guadalajara_Chapter_Meeting_June_20_2012.pdf

Material Reviewed

Media:OWASP Guadalajara_Jun20th_2012.pdf

Pictures of the Event

La foto 1.JPG
La foto 2.JPG
La foto 3.JPG
La foto 4.JPG
 



OWASP Guadalajara - Workshop at the DIVEC FEST 2012

Location: Faculty of Engineering of the University of Guadalajara

Address: Av. Revolución #1500 entre calle Corregidora y Calzada Olímpica. Tlaquepaque, Jalisco.

Meeting Schedule: Tuesday, March 20th, 2012. From 16:00 to 19:00.

Topic: OWASP - Application Security

Description: We will review two of the most common Web Application Attacks and Countermeasures for SQL Injection and Cross-Site Scripting (XSS) by using PAROS and WebGoat.

It was a great experience sharing this time with the students from the Faculty of Engineering of "Universidad de Guadalajara". We had the opportunity to teach the main concepts of SQL injection and Cross-Site Scripting. In addition, they had the chance to practice these concepts by using WebGoat and Paros in conjuction with the OWASP Cheat Sheets.

They showed interest at all time and we had a successfull session. All of them were really excited to know new techniques on Application Security. Be aware of our next event that will be held on April. We will keep you posted!

Here we have some pictures of the event.

DSCN5986.JPG
DSCN5983.JPG
DSCN5985.JPG
DSCN5990.JPG
 


Material Reviewed During the Session

Media:OWASP_Guadalajara_2012.pdf



OWASP Guadalajara - 1st Chapter Meeting 2012

Location: American Society of Jalisco

Address: Avenida San Francisco 3332, Col Chapalita, Guadalajara, Jalisco.

Meeting Schedule: Friday, March 2nd, 2012. From 19:30 to 21:00.

Topic: Anatomy of the Most Recent atacks from Anonymous and Contermeasures.

Description: Studying and anlyzing the most recent atacks performed by Anonymous. Theorical and practical session to identify risks and potential countermeasures on Web Applications.

Agenda

Media:OWASP Guadalajara Chapter Meeting - Mar 2nd 2012.pdf

Material Reviewed During the Session

As mentioned during the meeting, we will encourage you to bring your laptops in order to give each of you the opportunity to perform and to practice the excercises as well as to clarify all technical questions you may have.

Media:OWASP_Guadalajara.pdf‎