This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Leeds UK"

From OWASP
Jump to: navigation, search
Line 9: Line 9:
 
Jason has over 8 years of information security experience. He has an avid interest in web application security and especially web services security.
 
Jason has over 8 years of information security experience. He has an avid interest in web application security and especially web services security.
  
'''Nazli durrani''' Information Security Analyst/Auditor - NHS CFH
+
'''Nazli Durrani''' Information Security Analyst/Auditor - NHS CFH
 
Nazli is an experienced Information security analyst and auditor. She has an energetic interest in web application security.
 
Nazli is an experienced Information security analyst and auditor. She has an energetic interest in web application security.
  
Line 21: Line 21:
 
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.
 
Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.
  
'''Mike woodhead''' Senior security consultant at Selex Communications ltd.  
+
'''Mike Woodhead''' Senior security consultant at Selex Communications ltd.  
 
Mike has over 9 years experience in the security industry, both as an ecommerce developer and penetration tester. While he has a well rounded skillset, mike prefers the challenge associated with web application testing.  
 
Mike has over 9 years experience in the security industry, both as an ecommerce developer and penetration tester. While he has a well rounded skillset, mike prefers the challenge associated with web application testing.  
  

Revision as of 20:10, 2 February 2010

OWASP Leeds UK

Welcome to the Leeds UK chapter homepage. This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute.


Chapter Board/Leaders

Jason Alexander Application Security Specialist - NHS Technology Office Jason has over 8 years of information security experience. He has an avid interest in web application security and especially web services security.

Nazli Durrani Information Security Analyst/Auditor - NHS CFH Nazli is an experienced Information security analyst and auditor. She has an energetic interest in web application security.

Nadim Nawaz SmoothWall Ltd Nadim is a Business Development Manager at SmoothWall Ltd. Nadim has over 8 years experience in the Internet Security Industry.

Simon Bennetts Technical Team Lead - Sage Ltd Simon is based in Manchester is leading up the OWASP Chapter meets for Manchester.

Martin Law Director - First Defence Information Security Limited Martin is also the Vice chair of CREST Standards Committee and a very experienced security consultant.

Mike Woodhead Senior security consultant at Selex Communications ltd. Mike has over 9 years experience in the security industry, both as an ecommerce developer and penetration tester. While he has a well rounded skillset, mike prefers the challenge associated with web application testing.

We can all be contacted through [email protected]


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


<paypal>Leeds_UK</paypal>


Next Meetings

17th March 2010 June 16th 2010 September 15th 2010 December 8th 2010

More details to follow

Past Events

Date: 14th October 6:00pm

Location: Leeds Novotel, 4 Whitehall, Whitehall Quay, Leeds, LSI 4HR.

Schedule:

6:00pm - 6:15pm Registration & refreshments

6:15pm - 6:30pm OWASP Leeds Chapter Presentation - Jason Alexander

Introduction to OWASP and its charter. Leeds Chapter details.

6:30pm - 7:30pm "The right way to secure Oracle" - Pete Finnigan

The talk covers the process of securing an Oracle deatabase but with a proper focus to the task rather than simply following a checklist. A checklist is fine for general hardening but not for securing data as there is no method to ensure that the data that must be protected has indeed been protected.

7:30pm - 8:30pm "SQL Injection - how far does the rabbit hole go? " - Justin clarke

SQL Injection has been around for over 10 years, and yet it is still to this day not truly understood by many security professionals and developers. With the recent mass attacks against sites across the world it has again come to the fore of vulnerabilities under the spotlight, however many consider it to only be a data access issue, or parameterized queries to be a panacea. Explore some of the deeper, darker danger areas of SQL Injection, hybrid attacks, and exploiting obscure database functionality, and what we could possibly expect to see next out of this venerable application security issue.


Speaker Bio's

Jason Alexander

Currently a Security Specialist working for the NHS Technology Office. Jason has over 8 years of information security experience in a variety of business and public sectors from ISP's to goverment. Jason has a keen interest in web application and web services security and is the Leeds Chapter Leader.

Pete Finningan

Pete Finnigan specialises in the Security of Oracle databases. Pete has been interested in Oracle Security for many years and more recently in generally database security. Pete has also written the book "Oracle Security Step-by-step" and has produced many papers on the subject of oracle security. Pete has also produced a number of security tools that can aid in securing a database. More information can be found at Pete's web site http://www.petefinnigan.com

Justin Clarke

Justin has over 12 years experience in testing the security of networks, web applications and wireless networks for large financial, retail and technology clients from all around the globe. Justin is a contributing author to a number of security books and is the lead author of the book "SQL Injection Attacks and Defense" as well as a speaker at many conferences including Black Hat USA, RSA, SANS and OWASP. He is the author of the open source SQLBrute blind SQL injection exploitation tool, and is the chapter leader for the London chapter of OWASP. More information regarding Justin can be found on his company website http://www.gdssecurity.com/