OWASP Leeds UK
Welcome to the Leeds UK chapter homepage. This is a new chapter and we are looking for enthusiatic new members to make this one of the best OWASP chapters. We are hoping to accumalate a good proportion of subject matter experts who will in turn be able to provide guidance and presentations for the benefit of all chapter members. So please join the mailing list and contribute.
Details of your chapter Board members can be found here Leeds_UK_chapter_leaders
The chapter email address is [email protected]
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
2010 Planned Meetings
Date: Wednesday 16th June
Location: Lecture Room EBA102A, Ellison Building, School of Applied Sciences, Northumbria University, Newcastle upon Tyne, NE1 8ST
The venue is being kindly provided by Northumbria University, an OWASP education sponsor. [www.northumbria.ac.uk]
Schedule: 18:00 for 18:20 start
18:20 - 18:30
OWASP Chapter introduction. OWASP values. Chapter information.
Jason Alexander - OWASP Leeds/Northern Chapter Board Member
18:30 - 18:50
ENISA Common Assurance Maturity Model
OWASP is contributing to the development of an international information assurance framework, principally aimed at identifying a set of security controls mapped to maturity levels for cloud computing services. The framework has been split into a number of domains and OWASP's contributors are working on the o "software development" domain. The presentation will discuss the project, work to-date on the maturity model and how this relates to OWASP SAMM.
Colin Watson -
18:50 - 19:20
Open Source Software Myths
(details to follow)
David Anumudu - Software Security Consultant for Fortify Software EMEA
19:20 - 20:05
SSL/TLS - Just when you thought it was safe to return
2009 was a serious year in breaking secure protocols. SSL/TLS was no different. Hacking SSL/TLS has a big return as a blackhat hacker, once you penetrate a corporate network, stealing login details and passwords are just the beginning. SSL VPN's can also be vulnerable to a number of attacks. There are a number of tools and techniques that are readily available that can make defeating SSL/TLS both simple and well within the reach of the unauthorized attackers.The talk focuses on the research and tools of Moxie Marlinspike, who has gained an excellent reputation as an independent security research. With some interesting attack vectors, you'll be surprised at the results one can achieve.
Arron Finnon - www.finux.co.uk
20:05 - 20:30
OWASP AppSensor - The Self-Aware Web Application
An overview of the AppSensor project which defines a conceptual framework and methodology on the implementation of an application layer intrusion detection and automated response system within a web application.
Colin Watson -