This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Leeds UK"

From OWASP
Jump to: navigation, search
(2010 Planned Meetings)
(Next Meeting)
Line 23: Line 23:
 
'''Date:''' Wednesday 16th June   
 
'''Date:''' Wednesday 16th June   
  
No confirmed speakers or Bio's as yet - Any volunteers should contact either Jason or one of the other [[Leeds_UK_chapter_leaders]]
+
'''Location:''' Lecture Room EBA102A, Ellison Building, School of Applied Sciences, Northumbria University, Newcastle upon Tyne, NE1 8ST
 +
 
 +
The venue is being kindly provided by Northumbria University, an OWASP education sponsor. [www.northumbria.ac.uk]
 +
 
 +
'''Schedule: 18:00 for 18:20 start'''
 +
 
 +
'''18:20 - 18:30'''
 +
 
 +
OWASP Chapter introduction. OWASP values. Chapter information.
 +
 
 +
''Jason Alexander - OWASP Leeds/Northern Chapter Board Member''
 +
 
 +
'''18:30 - 18:50'''
 +
 
 +
ENISA Common Assurance Maturity Model
 +
 
 +
OWASP is contributing to the development of an international
 +
information assurance framework, principally aimed at identifying a
 +
set of security controls mapped to maturity levels for cloud computing
 +
services.  The framework has been split into a number of domains and
 +
OWASP's contributors are working on the o "software development"
 +
domain.  The presentation will discuss the project, work to-date on
 +
the maturity model and how this relates to OWASP SAMM.
 +
 
 +
''Colin Watson -''
 +
 
 +
'''18:50 - 19:20'''
 +
 
 +
Open Source Software Myths
 +
 
 +
(details to follow)
 +
 
 +
''David Anumudu - Software Security Consultant for Fortify Software EMEA''
 +
 
 +
'''19:20 - 20:05'''
 +
 
 +
SSL/TLS - Just when you thought it was safe to return
 +
 
 +
2009 was a serious year in breaking secure protocols.  SSL/TLS was no different.  Hacking SSL/TLS has a big return as a blackhat hacker, once
 +
you penetrate a corporate network, stealing login details and passwords are just the beginning.  SSL VPN's can also be vulnerable to a number of attacks.  There are a number of tools and techniques that are readily available that can make defeating SSL/TLS both simple and well within the reach of the unauthorized attackers.The talk focuses on the research and tools of Moxie Marlinspike, who has gained an excellent reputation as an independent security research. With some interesting attack vectors, you'll be surprised at the results one can achieve.
 +
 
 +
''Arron Finnon - www.finux.co.uk''
 +
 
 +
'''20:05 - 20:30'''
 +
 
 +
OWASP AppSensor - The Self-Aware Web Application
 +
 
 +
An overview of the AppSensor project which defines a conceptual framework and methodology on the implementation of an application layer intrusion detection and automated response system within a web application.
 +
 
 +
''Colin Watson -''
  
 
== Past Events ==
 
== Past Events ==

Revision as of 16:20, 24 May 2010

OWASP Leeds UK

Welcome to the Leeds UK chapter homepage. This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute.

Details of your chapter Board members can be found here Leeds_UK_chapter_leaders

The chapter email address is [email protected]


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


<paypal>Leeds_UK</paypal>


2010 Planned Meetings

September 15th

December 8th

Next Meeting

Date: Wednesday 16th June

Location: Lecture Room EBA102A, Ellison Building, School of Applied Sciences, Northumbria University, Newcastle upon Tyne, NE1 8ST

The venue is being kindly provided by Northumbria University, an OWASP education sponsor. [www.northumbria.ac.uk]

Schedule: 18:00 for 18:20 start

18:20 - 18:30

OWASP Chapter introduction. OWASP values. Chapter information.

Jason Alexander - OWASP Leeds/Northern Chapter Board Member

18:30 - 18:50

ENISA Common Assurance Maturity Model

OWASP is contributing to the development of an international information assurance framework, principally aimed at identifying a set of security controls mapped to maturity levels for cloud computing services. The framework has been split into a number of domains and OWASP's contributors are working on the o "software development" domain. The presentation will discuss the project, work to-date on the maturity model and how this relates to OWASP SAMM.

Colin Watson -

18:50 - 19:20

Open Source Software Myths

(details to follow)

David Anumudu - Software Security Consultant for Fortify Software EMEA

19:20 - 20:05

SSL/TLS - Just when you thought it was safe to return

2009 was a serious year in breaking secure protocols. SSL/TLS was no different. Hacking SSL/TLS has a big return as a blackhat hacker, once you penetrate a corporate network, stealing login details and passwords are just the beginning. SSL VPN's can also be vulnerable to a number of attacks. There are a number of tools and techniques that are readily available that can make defeating SSL/TLS both simple and well within the reach of the unauthorized attackers.The talk focuses on the research and tools of Moxie Marlinspike, who has gained an excellent reputation as an independent security research. With some interesting attack vectors, you'll be surprised at the results one can achieve.

Arron Finnon - www.finux.co.uk

20:05 - 20:30

OWASP AppSensor - The Self-Aware Web Application

An overview of the AppSensor project which defines a conceptual framework and methodology on the implementation of an application layer intrusion detection and automated response system within a web application.

Colin Watson -

Past Events

2010 Dates

17th March - Leeds

2009 Dates

14th October 2009 - Leeds