|
|
(4 intermediate revisions by 2 users not shown) |
Line 1: |
Line 1: |
| + | |
| | | |
| |meetupurl=https://www.meetup.com/OWASP-Gwalior-Chapter/|region=Asia/Pacific/Middle East}} | | |meetupurl=https://www.meetup.com/OWASP-Gwalior-Chapter/|region=Asia/Pacific/Middle East}} |
Line 5: |
Line 6: |
| | | |
| '''Meeting Location''' | | '''Meeting Location''' |
− | ==Past Events==
| |
− |
| |
− | === '''2018 Past Events''' ===
| |
− |
| |
− | '''March 2018 - AppDynamics'''
| |
− |
| |
− | • 6:30 - Doors open
| |
− |
| |
− | • 7:00-7:30 - HUNT: Data Driven Web Hacking & Manual Testing (JP Villanueva)
| |
− |
| |
− | • 7:35-8:05 - Detecting suspicious activity: Time-based analysis of DNS traffic (Barak Raz)
| |
− |
| |
− | • 8:05-9:00 - Networking
| |
− |
| |
− | '''March 2018 - Intuit'''
| |
− |
| |
− | • 6:30 - Doors open
| |
− |
| |
− | • 7:00-7:30 New Attacks Against Unencrypted Traffic (Travis Hassloch)
| |
− |
| |
− | • 7:35-8:05 - "Offensive Defense" - The best defense is a good offense (Stephan Chenette)
| |
− |
| |
− | • 8:05-9:00 - Networking
| |
− |
| |
− | '''*Special Event* - February 2018 - HackerOne'''
| |
− |
| |
− | Hacker Thursday - Mobile Application Security
| |
− |
| |
− | '''*Special Event* - January 2018 - CircleCI'''
| |
− |
| |
− | Hacker Thursday - Application Security Automation with OWASP ZAP 2.7.0
| |
− |
| |
− | '''January 2018 - Smyte'''
| |
− |
| |
− | • 6:30 - Doors open
| |
− |
| |
− | • 6:45 - 6:55 News Bites (Lina)
| |
− |
| |
− | • 7:00-7:30 - Simple is Better: Fighting Online Abuse with Rate Limiter
| |
− |
| |
− | • 7:35-8:05 - Reporter -> P.I. -> Security Engineer - How Curiosity Led to an InfoSec Career (Tad Whitaker)
| |
− |
| |
− | • 8:10-8:40 - XXE Vulnerabilities: From the Beginning Till Now (Ivan Novikov)
| |
− |
| |
− | • 8:40-9:00 - Networking
| |
− |
| |
− | === '''2017 Past Events''' ===
| |
− |
| |
− | '''*Special Event* - December 2017 - Shape Security'''
| |
− |
| |
− | Hacker Thursday - Unorthodox Security Assessment: OSINT for Intelligent Attacks
| |
− |
| |
− | Nutan Kumar Panda
| |
− |
| |
− | '''December 2017 - Contrast Security'''
| |
− |
| |
− | • 6:30 - Doors open
| |
− |
| |
− | • 6:45-7:00 - Welcome
| |
− |
| |
− | • 7:00-8:00 - Three Ways of Security (Jeff Williams)
| |
− |
| |
− | • 8:00-9:00 - Networking and Giveaways!
| |
− |
| |
− | '''November 2017 - Credit Karma'''
| |
− |
| |
− | • 6:30 - Doors open
| |
− |
| |
− | • 6:45-7:00 - News with Hardeep Singh
| |
− |
| |
− | • 7:00-7:30 - Three Keys for SecDevOps Success (Frank Kim)
| |
− |
| |
− | • 7:35-8:05 - TLS for Microservices (Michael Cline)
| |
− |
| |
− | • 8:05-9:00 - Networking
| |
− |
| |
− | '''*Special Event* - November 2017 - Credit Karma'''
| |
− |
| |
− | Hacker Thursdays: Learn secure coding with a live tournament
| |
− |
| |
− | Stephen Allor
| |
− |
| |
− | '''*Special Event* - October 2017 - ShieldX Networks'''
| |
− |
| |
− | Hacker Thursdays:- Dissecting Injection vulnerabilities
| |
− |
| |
− | Matt Torbin
| |
− |
| |
− | '''September 2017 - Distil Networks'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:15 "The Great Bot Gift Card Heist" - Kevin Bottomley
| |
− |
| |
− | • 7:20 - 7:50 "Scaling Application Security with DevSecOps" - Abhay Bhargav
| |
− |
| |
− | • 7:55 - 8:25 "The Struts Vulnerability" - Prashant Venkatesh
| |
− |
| |
− | • 8:25 - 9:00 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''September 2017 - Intuit'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:15 "Making Vulnerability Management Less Painful with OWASP DefectDojo" - Greg Anderson
| |
− |
| |
− | • 7:20 - 7:50 "Crikey! Pirates Be Lurkin' at the Single Sign-On Watering Hole" - Mike Hunter
| |
− |
| |
− | • 7:55 - 8:25 "There’s a new sheriff in town; dynamic security group recommendations with Grouper and Dredge" - Kevin Glisson
| |
− |
| |
− | • 8:25 - 9:00 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''September 2017 - Lending Club'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:25 "Introducing the OWASP Game Security Framework" - Daniel Miessler
| |
− |
| |
− | • 7:30 - 8:10 "Motherhood, Mental Health, and a Career in CyberSecurity" - Caroline Wong
| |
− |
| |
− | • 8:10 - 9 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''*Special Event* - September 2017 - Lending Club'''
| |
− |
| |
− | Web Application Penetration Basics
| |
− |
| |
− | Ty Sbano
| |
− |
| |
− | '''June 2017 - Lending Club'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:25 "Introducing the OWASP Game Security Framework" - Daniel Miessler
| |
− |
| |
− | • 7:30 - 8:10 "Motherhood, Mental Health, and a Career in CyberSecurity" - Caroline Wong
| |
− |
| |
− | • 8:10 - 9 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''May 2017 - Netflix (videos on youtube)'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:15 "All you email are belong to us: exploiting vulnerable email clients via domain name collision" - Ilya Nesterov and Maxim Goncharov
| |
− |
| |
− | • 7:20 - 7:40 "Attacking & Defending DevOps" - Patrick Thomas
| |
− |
| |
− | • 7:45 - 8:05 "LISA - Location Independent Security Approach" - Bryan Zimmer
| |
− |
| |
− | • 8:05 - 9 Networking and Netflix OSS expo
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''April 2017 - Pandora (videos on youtube)'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 "Effective AppSec Metrics" - Caroline Wong
| |
− |
| |
− | • 7:35 - 8:20 "IoT Exploitation 101" - Aditya Gupta
| |
− |
| |
− | • 8:25 - 9:00 Networking
| |
− |
| |
− | • 9:00 Doors Close
| |
− |
| |
− | '''March 2017 (2) - Ebay'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:15 "Cracking Financial Systems" - John Menerick
| |
− |
| |
− | • 7:20 - 7:50 "Hacking Mainframes" - Philip Young
| |
− |
| |
− | • 7:55 - 8:25 "Hacking Smart Door Locks with Bluetooth Relay Attacks" - Mike Ryan
| |
− |
| |
− | • 8:25 - 9 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''March 2017 - NetSpi'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:15 "Cracking Financial Systems" - John Menerick
| |
− |
| |
− | • 7:20 - 7:50 "SQL Server Security" - Scott Sutherland
| |
− |
| |
− | • 7:50 - 9 Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''January 2017 (2) - Synack'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 Talk 1
| |
− |
| |
− | Robert Wood - Bringing Red Teaming to the Board Room
| |
− |
| |
− | • 7:45 - 8:30 Panel Discussions
| |
− |
| |
− | • 8:30+ Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | '''January 2017 - Bleacher Report'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 Talk 1
| |
− |
| |
− | Robert Wood - Bringing Red Teaming to the Board Room
| |
− |
| |
− | • 7:45 - 8:30 Talk 2
| |
− |
| |
− | Rob Witoff - Security Automation With Immutable Infrastructure
| |
− |
| |
− | • 8:30+ Networking
| |
− |
| |
− | • 9 Doors Close
| |
− |
| |
− | === '''2016 Past Events''' ===
| |
− | '''November (2) 2016 - Linkedin'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 Talk 1 (Rohit Pitke, Mukul Khullar - A walkthrough on AWS Security Pitfalls)
| |
− |
| |
− | • 7:45 - 8:30 Talk 2 (Scott Behrens - Cleaning Your Applications' Dirty Laundry With Scumblr )
| |
− |
| |
− | • 8:30+ Networking
| |
− |
| |
− | '''November 2016 - Salesforce'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 Talk 1 -Will Bengston and Travis McPeak - Jumpstart a Bandit Program in Your Organization
| |
− |
| |
− | • 7:45 - 8:30 Talk 2 - Kuba Sendor (@jsendor), Yelp - "Slicing Apples with Ninja Sword: Fighting Malware at the Corporate Level"
| |
− |
| |
− | '''September 2016 - Twitter'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45 - 7:30 Talk 1 - Ron Hamilton, Performance Technology Partners (PTP)
| |
− |
| |
− | • 7:45 - 8:30 Talk 2 - Luca Carettoni, LinkedIn Defending against Java Deserialization Vulnerabilities
| |
− |
| |
− | '''June 2016 - Visa'''
| |
− |
| |
− | 6:30 - Doors Open
| |
− |
| |
− | 6:45 - Talk 1 - Secure by Default Stack: Web Application Security Infrastructure - Pritam Mungse, Visa
| |
− |
| |
− | 7:30 - Break
| |
− |
| |
− | 7:40 - Talk 2 - Research on HTTPS error storage policies, Adrienne Porter Felt, Google
| |
− |
| |
− | 8:30 - Networking
| |
− |
| |
− | '''May 2016 - Thoughtworks'''
| |
− |
| |
− | • 6:30 Doors Open
| |
− |
| |
− | • 6:45-7:45 Chris Steipp, Security Team - Wikimedia (How the Wikimedia Foundation promotes security in the open-source projects)
| |
− |
| |
− | • 7:50 - 8:20 Michael Coates, TISO at Twitter & Kyle Randolph, Principal Security Engineer at Optimizely - Strategies for growing your AppSec team & influence
| |
− |
| |
− | • 8:20+ Networking
| |
− |
| |
− | '''April 2016 - Lending Club'''
| |
− |
| |
− | 6:30- Doors Open
| |
− |
| |
− | 6:40 - 7:15 - Joe Rozner, Richard Meester, Prevoty - Sinking Your Hooks in Applications (from AppSecUSA 2015)
| |
− |
| |
− | 7:20 - 7:55 - Martin Vigo, Salesforce - Attacks on LastPass (from BlackHat 2015)
| |
− |
| |
− | 8:00 - 8:25 - Russell Sherman and Jonathan Carter, Lending Club –Adventures in Running Your Own CTF
| |
− |
| |
− | '''February 2016 - RiskIQ'''
| |
− |
| |
− | === 2015 Past Events ===
| |
− | OWASP AppSecUSA was held in San Francisco in September, 2015 - the biggest OWASP conference to date!
| |
− |
| |
− |
| |
− | ==== Older Events ====
| |
− | [[Owasp Gwalior Past Events]]
| |