This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Minneapolis St Paul"

From OWASP
Jump to: navigation, search
m (Updated Chapter Leaders)
 
(324 intermediate revisions by 13 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Minneapolis St Paul|extra=The chapter leader is [Kuai]|mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=https://lists.owasp.org/pipermail/owasp-twincities}}
+
__NOTOC__ {{Chapter Template|chaptername=Minneapolis-St. Paul (OWASP MSP)|extra=The chapter leadership [mailto:alex.[email protected]owasp.org Alex Bauert].<br>
  
<h2>NEWS - OWASP becomes an affiliate of UMSA in support of the Secure 360 conference.</h2>
+
We use [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements and sometimes, depending on the event [https://www.eventbrite.com Eventbrite.com] for RSVP's to organize events and meetings.
<b>Secure360°™ </b>is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital. As the host of Secure360°, UMSA strives to provide expert speakers, informative educational sessions and a wide range of exhibits for the collective membership and resources of individual associations, supplier partners and general public. (See the Members & Affiliates page for further information.)
 
http://www.secure360.org/index.html
 
  
 +
|mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-twincities|emailarchives=https://lists.owasp.org/pipermail/owasp-twincities}}
 +
<br><br>
  
 +
== Corporate Sponsors  ==
 +
<!--
 +
<table border="0">
 +
<tr><td>
 +
<div style="background:#FFFFFF;padding:10px;width:340px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[[Image:Advance it minnesota logo.png|120px|link=http://advanceitmn.org]] </div>
 +
</td>
 +
<td>
 +
<div style="background:#FFFFFF;padding:10px; width:290px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[[Image:Best Buy logo.jpg|link=http://www.bestbuy.com/]]</div>
 +
</td>
 +
-->
 +
<table border="0">
 +
<tr>
 +
<td>
 +
<div style="background:#FFFFFF;padding:10px; width:290px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;FICO</div>
 +
</td>
 +
</tr>
 +
<table>
 +
<br>
  
== Upcoming Speakers: ==
+
= Upcoming Meetings and Events =
 +
== OWASP-MSP Upcoming Chapter Meeting  ==
  
'''Gunnar Peterson''' will be presenting "Breaking Web Services" on July 7. See announcement below.
+
'''When:''' Reference [http://www.meetup.com/OWASP-MSP-Meetup/?scroll=true Meetup.com] for announcements.
 +
<!--
 +
'''Where:'''
 +
Ewald Conference Center
 +
1000 Westgate Drive #252
 +
St. Paul, MN
  
'''Brian Chess''' will speak Wednesday September 3rd -"Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine tooth comb and uncover the kinds of errors that lead directly to vulnerabilities. This talk frames the software security problem and shows how static analysis is part of the solution".
+
'''Presentation:''' Red Team
  
'''Gary McGraw''' - We are in the process of organizing a mini conference in Minneapolis for the month of October and are pleased to announce Gary McGraw has accepted our invitation to be our keynote speaker for this event. Stay tuned for more details!!
+
'''Presenter:''' Ryan Manship
 +
-->
 +
<!--
 +
'''Not sure if you are a current member?''' [https://docs.google.com/spreadsheets/d/142z7ByBQYMrszB1CGD30UC_XHpVX6zwvrkOgse5VO1Y/edit?usp=sharing Member Directory]
 +
-->
 +
<!--
 +
'''REGISTRATION LINK:''' [https://www.eventbrite.com/e/owasp-msp-september-2016-chapter-meeting-tickets-27533084196 Eventbrite Signup Link for Event]
 +
-->
 +
<!--
 +
== OWASP-MSP Upcoming Chapter meeting  ==
  
'''Andrew van der Stock''' has agreed to visit our chapter and discuss the new Enterprise Security API. We do not have an exact day yet, so stay tuned.
 
  
== Next meeting: Monday, July 7 at 6:00 pm ==
+
'''When:''' Wednesday, May 11th @ 6:00 - 8:00 PM
  
=== Gunnar Peterson - Breaking Web Services ===
+
'''Title:''' Evil Twin Attack with Wifiphisher
To help us ensure we have adequate space, '''please register''' at http://www.go-integral.net/?q=GunnarPjuly
 
  
==== Topic Overview ====
+
This presentation will revolve around Wifiphisher, a security tool which automates the process of Evil Twin attack in order to mount fast phishing attacks against Wi-Fi networks. It is an open-source software that is heavily used by the wireless hacking community and comes with
SOA and Web services promise wonderful interoperability, but distributed systems create lots of room for fantastic failures. This session will explore the gory details of unique vulnerabilities at each layer of the SOA stack - from the WSDL interfaces to XML processing (XSD, XPath and XQuery), to the implementation languages liike Java and C#, to new security standards like WS-Security and SAML.
+
its community-built templates for different phishing scenarios.  
  
Gunnar gave this talk with Brian Chess at the [https://cm.rsaconference.com/US08/catalog/controller/catalog 2008 RSA Conference].
 
  
==== Speaker Bio ====
+
Common defenses for reducing the associated risk will also be discussed, including Wireless Intrusion Detection & Prevention Systems, 802.1X Port Access Control for robust mutual authentication and security awareness
 +
training.
  
Gunnar Peterson is a Managing Principal at Arctec Group focused on architecture consulting and training. Peterson is an Associate Editor for IEEE Security & Privacy Journal; leads the OWASP XML Security Gateway Evaluation Criteria project; and contributor to the SEI and DHS Build Security In portal on software security. He maintains a blog at http://1raindrop.typepad.com.
+
'''Speaker:''' George Chatzisofroniou (@_sophron) is a security engineer at CENSUS S.A. His research interests include cryptography, Wi-Fi hacking, network security and web security. He is the lead developer of the popular open-source wireless hacking tool "Wifiphisher".
  
==== Location ====
+
'''Location:''' Best Buy - Headquarters 7601 Penn Ave S, Richfield, MN (Use the Visitor parking off Penn and the Visitor Entrance)
  
[http://www.minneapolis.edu/ Minneapolis Community and Technical College]<br />
+
'''RSVP:'''
1501 Hennepin Ave, Minneapolis<br />
 
Whitney Center, Room L3100 (3rd Floor)
 
  
'''Map''': http://www.minneapolis.edu/campusmaps/index.cfm
+
at Eventbrite [http://bit.ly/1TaCKb8]
  
Park in the ramp (R) - move through the T building (T) and go to Whitney Hall (L).
+
'''Agenda:''' <br/>
 +
5:30 PM Room opens for networking and CPE signup<br/>
 +
6:00 PM Welcome: OWASP chapter update and Chapter Presentation<br/>
 +
7:45 PM Wrap-up<br/>
 +
-->
 +
<!-- Thank You OWASP Chapter Budget for sponsoring our meeting location. -->
  
==== Agenda: ====
+
<!-- '''Follow''' OWASP MSP on your favorite social media sites:  
  
  6:00 pm - Introduction and Optional sign-in for CISSP credits
 
  6:10 pm - Welcome: OWASP chapter updates (Kuai Hinojosa)
 
  6:20 pm – Breaking Web Services (Gunnar Peterson)
 
  7:55 pm – Break
 
  8:05 pm – Book Giveaway
 
  8:10 pm  - Upcoming Events reminder and meeting wrap – up
 
  
==== Thank You ====
+
[[Image:Linkedin_mini.png|link=http://www.linkedin.com/groupInvitation?groupID=2184116]]
[http://www.strategicit.org/ Center for Strategic Information Technology and Security] for sponsoring our location.
+
[[Image:Twitter_mini.png|link=http://twitter.com/owaspmsp]] [[Image:Facebook_mini.png|link=http://www.facebook.com/pages/OWASP-Minneapolis-St-Paul-OWASP-MSP-OWASPMSP/113583361381]]  
  
[http://www.go-integral.com/ Integral] will be sponsoring refreshments for the meeting.
+
<br> -->
  
We are still looking for a book give-away sponsor and for sponsors for upcoming meetings.
 
Call Lorna at 651-338-0243 if you need directions or have questions.
 
  
== July Meeting: Monday, July 7, 6:00 p.m. ==
 
  
'''Gunnar Peterson''' (Arctec)  will be presenting "Breaking Web Services". Gunnar gave this talk with Brian Chess at the past RSA conference. Another interesting topic don't forget to bring lots of questions to this presentation as well.
+
<!-- = Media and Documents = -->
 +
<!--
 +
Videos of past meetings are available at the [[OWASPMSP Videos]] node, the [http://vimeo.com/channels/owaspmsp OWASP MSP Vimeo Channel], and [http://vimeo.com/owasp http://vimeo.com/owasp].  
 +
-->
 +
<!-- === Content  === -->
  
== September Meeting: Wednesday September 3rd ==
 
  
'''Brian Chess''' (Fortify Software)
 
  
Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine tooth comb and uncover the kinds of errors that lead directly to vulnerabilities. This talk frames the software security problem and shows how static analysis is part of the solution.
+
<!-- You can find our Chapter Videos at https://vimeo.com/user56799697 -->
 
Highlights include:
 
* The most common security short-cuts and why they lead to security failures
 
* Why programmers are in the best position to get security right
 
* Where to look for security problems
 
* How static analysis helps
 
* The critical attributes and algorithms that make or break a static analysis tool
 
 
We will look at how static analysis works, how to integrate it into the software development processes, and how to make the most of it during security code review.
 
  
<h2>Videos:</h2>
 
  
<p>Videos of several past meetings are available at https://www.owasp.org/index.php/Category:OWASP_Video#Videos</p>
 
  
<h2>Upcoming Events:</h2>
+
<!--
<p>We are working in a '''mini conference in Minneapolis''' for the week of October 21st. We are still working on the logistics, but we promise this going to be an interesting and unique event. Lots of great speakers and opportunities to participate. Stay tuned for more information. Also, please feel free to submit suggestions for this event and post an email to the mailing list owasp-twincities_at_lists.owasp.org</p>
+
Igor Matlin - Warning: Security Storms are Brewing in Your JavaScript - OWASP (MSP) - May 2015
  
<p>We are looking for sponsors! Contact Kuai or Lorna if you are interested, any contributions to the local chapter would be highly appreciated.</p>
+
Gene Kim - Rugged DevOps - OWASP (MSP) - 7 November 2011 (61 minutes) [http://vimeo.com/36342207 Vimeo Video]
  
<p>'''OWASP NYC AppSec 2008''' Sept 24-25th - Don't miss the NYC AppSec conference! <br />
+
Michael Coates - Attack Aware Applications (AppSensor) - OWASP (MSP) - 18 April 2011 (75 minutes) [https://owasp.webex.com/owasp/ldr.php?AT=pb&SP=MC&rID=87764002&rKey=14191b8f8c73dabc WebEx Replay]
http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference/.</p>
 
  
<p>'''DC612''' meetings<br />
+
Dan Cornell - Smart Phones, Dumb Apps - OWASP (MSP) - 7 December 2010 (93 minutes) [http://vimeo.com/17692646 Vimeo Video]
2nd Thursday of the month<br />
 
http://www.dc612.org/</p>
 
  
<p>
+
Gunnar Peterson - Audit Logging Done Right - OWASP (MSP) - 20 September 2010 (55 minutes) [http://vimeo.com/15423426 Vimeo Video]
'''MN ISSA-''' Meets on Tuesday July 15th at the Four Points Sheraton, 1330 Industrial Blvd. Mpls, MN. For more information on speakers and topics.
 
http://www.mn-issa.org/html/chaptermeetings.html
 
</p>
 
  
<p>
+
Dinis Cruz - How OWASP Works - OWASP (MSP) - 10 August 2010 (55 minutes) [http://vimeo.com/14343350 Vimeo Video]
'''TCJUG (Twin Cities Java Users Group)''' meets July 14 at Intertech, Inc in Eagan. http://www.intertechtraining.com/UserGroups/JavaUserGroup.aspx
+
 
</p>
+
Dinis Cruz - O2 - OWASP (MSP) - 10 August 2010 (110 minutes) [http://vimeo.com/14392060 Vimeo Video]
 +
-->
 +
 
 +
= Security Associates =
 +
 
 +
=== Secure360  ===
 +
 
 +
[http://www.secure360.org/ Secure360] is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital.
 +
 
 +
=== DC612 Meetings  ===
 +
 
 +
DC612 meets the 2nd Thursday of the month.<br> [http://www.dc612.org/ http://www.dc612.org/]
 +
= Chapter Contacts =
 +
[mailto:[email protected].org Alex Bauert] and
 +
  [mailto:[email protected] Todd Dahl].
 +
<!--
 +
'''Leadership Team:''' [mailto:[email protected] Lorna Alamri]
 +
-->
 +
 
 +
<headertabs />  
 +
 
 +
{{Social Media Links}}
 +
 
 +
[[Category:Minnesota]]

Latest revision as of 19:30, 5 December 2019

OWASP Minneapolis-St. Paul (OWASP MSP)

Welcome to the Minneapolis-St. Paul (OWASP MSP) chapter homepage. The chapter leadership Alex Bauert.

We use Meetup.com for announcements and sometimes, depending on the event Eventbrite.com for RSVP's to organize events and meetings. 


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG



Corporate Sponsors

      FICO

OWASP-MSP Upcoming Chapter Meeting

When: Reference Meetup.com for announcements.






Secure360

Secure360 is an annual conference providing high quality educational sessions and networking opportunities while working to identify developing trends in risk management, physical security, governance, audit, information security, contingency planning and human capital.

DC612 Meetings

DC612 meets the 2nd Thursday of the month.
http://www.dc612.org/