Disclaimer: Banner ads are not endorsements and reflect the messages of the advertiser only. | More Information
Welcome to the Milwaukee chapter homepage. Click here to join the local chapter mailing list.
Call For Papers
If you are a builder, breaker, or defender, we would love to have you share your knowledge with us. We may even hold a few meetings dedicated to FireTalk style presentations, so feel free to submit talks of any length. Additionally, if you would really like to learn about a specific topic, please feel free to share ideas with the group. Someone may already have experience and be willing to present. Email Us with your submission (it doesn't have to be anything too formal).
The chapter leader is Trenton Ivey. Additional Chapter leaders are:
September 30th, 2014
- What: Talk: All of the bad things hackers can do to your unprotected mobile apps
- Abstract: Recently, there has been a new addition to the OWASP Mobile Top Ten Risks. At AppSec California, OWASP debuted the 2014 list and briefly highlighted examples of threats in the new M10 category. In this talk, we discuss the new category in much more depth. This presentation educates the audience about the prevalence of binary risks in both iPhone and Android mobile apps. We will highlight mobile app risks that relate to this new category, as well as others, and how to leverage particular OWASP Projects for the solution. By the end of this talk, attendees will have a solid understanding of binary risk and how to begin thinking about solutions to this mobile app risks.
- Who: Matt Clemens is a Security Solutions Architect for Arxan Technologies, focusing on application security. Before joining Arxan in 2013 Matt spent 20 years in a variety of roles in the semiconductor and embedded processor industries.
- When: 6:00 PM
- Where: 247 W. Freshwater Way, Milwaukee, WI 53204
- Note: Please use the S. 3rd street entrance. Parking is available just north of the intersection of Freshwater Way and S 3rd Street
- Online Stream: https://plus.google.com/u/1/events/ctubnn1q91ri7hsue473at2u6d8
- Note: We were told that the wireless may be spotty. If there are issues with streaming the talk live, we will post it online afterwards.
- August 26th, 2014 Informal dinner get together @Mo's Irish Pub with MilSec
- July 29th, 2014 Informal dinner get together @Mo's Irish Pub with MilSec
- June 24th, 2014: Informal dinner get together @Mo's Irish Pub with MilSec
- May 27th, 2014: Talk: A History of Hiding Things
- April 29th, 2014: Informal dinner get together @Mo's Irish Pub
- March 25th, 2014: OWASP Trivia Night @MATC Mequon Campus
- February 25th, 2014: Informal dinner get together @Mo's Irish Pub
- January 28th, 2014: snOWASP 2014 - Cancled Due to Weather
- December 31st, 2013: - No Meeting for the New Year
- November 26th, 2013: 2013 OWASP Top Ten (Talk by Trenton Ivey)
- Description: The OWASP Top Ten provides information about the most critical web application security flaws found on the internet. OWASP recently updated the list. This talk reviewed the 2013 OWASP Top Ten. There were be plenty of demos to help explain the security flaws on the list.
- October 29th, 2013: Informal dinner get together @Mo's Irish Pub
- September 24th, 2013: Talk by Doug Rogahn: Low Tech Hacking
- Description: Doug spoke about Low(er) Tech ways to hack and how to prevent physical security vulnerabilities. Your web server is only as secure as the place it is stored. This talk provided an opertunity to learn how to pick door locks, clone RFID cards, lift fingerprints for biometric readers, and escape from handcuffs (note: if you use your skills for good, you probably will never need this last skill. OWASP does not endorse criminal activity.)
- Speaker Bio: Doug has worked as an Ethical Hacker and Application Penetration Tester for FIS for the last 3 ½ years. He has always had an interest in finding out how things work and finding interesting ways to accomplish tasks. He enjoys combining his knowledge of how things work to find unintended ways of bypassing safeguards. As an ethical hacker for FIS Doug has championed the cause of needing to test all possible entry points including physical security. He has been picking locks as a hobby for nearly 20 years but recently has brought his knowledge to the next level through additional training and practice.
- August 27th, 2013: Informal dinner get together @Mo's Irish Pub
- July 30th, 2013: Talk by Zach Grace: Web Application Fuzzing Techniques
- Description: Zach demonstrated web application fuzzing techniques using Burp Intruder and fuzzdb. The techniques included parameter fuzzing, URL fuzzing, brute forcing, and results analysis. Zach showed how fuzzing can help zero in on application flaws quicker, making testing more efficient.
- Speaker Bio: Zach Grace is the Manager of Penetration Testing and a penetration tester at 403 Labs. Zach spends most of his time exploring and exploiting client systems that range from large corporations and financial institutions, to universities and small mom and pop shops. Zach enjoys analyzing the subtle nuances of his penetration testing targets, so he can continue challenge himself while evolving his techniques.
- June 25th, 2013:Informal dinner get together @Mo's Irish Pub
- May 28th, 2013: Talk by Neal Bridges: Ninja Tactics
- Neal Bridges, a former Network Warfare Operator for the Air Force, a SANS instructor, and a Senior Network Penetration Tester at FIS will be talking about Ninja Tactics (i.e. covert hacking) and how to detect and avoid Ninja's in your network.
- April 30th, 2013: Informal dinner get together @Mo's Irish Pub
- March 26th, 2013: Firetalks:
- Phil Gonzalez: 5up34 1337 [email protected] (or more accurately, getting back to basics)
- Trenton Ivey: An Intro to RSA Cryptography
- February 26th, 2013: Cancelled Due to Weather
- January 30th, 2013: Informal dinner get together @Mo's Irish Pub
OWASP facilitates many projects. As OWASP Milwaukee contributes to these projects, we will add updates to this tab.
OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?