This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Nigeria"

From OWASP
Jump to: navigation, search
m
(OWASP Nigeria August 2017)
Line 66: Line 66:
 
|}
 
|}
 
== Chapter Meetings - 2017 ==
 
== Chapter Meetings - 2017 ==
=== OWASP Lagos January Event ===
+
=== August 2017 Event: OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS ===
 
{| style="vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;" align="center" cellspacing="5"
 
{| style="vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;" align="center" cellspacing="5"
 
|-
 
|-
| colspan="2" align="center" height="30" style="background:#CCCCEE;" | '''Chapter Meeting - January 28, 2017'''  
+
| colspan="2" align="center" height="30" style="background:#CCCCEE;" | '''Chapter Meeting - August 12, 2017'''  
 
|-
 
|-
 
|-
 
|-
Line 77: Line 77:
 
|-
 
|-
 
|-
 
|-
| valign="middle" bgcolor="#EEEEEE" align="center" | ''' Saturday January 28, 2017<br><br>''' Doors: 12:00PM <br> Talks Start: 12:15PM
+
| valign="middle" bgcolor="#EEEEEE" align="center" | ''' Saturday August 12, 2017<br><br>''' Doors: 12:00PM <br> Talks Start: 12:15PM <br>End: 2:30PM
 
| valign="middle" bgcolor="#EEEEEE" align="left" | '''Venue Location: CC-HUB<br>'''
 
| valign="middle" bgcolor="#EEEEEE" align="left" | '''Venue Location: CC-HUB<br>'''
 
Venue Address: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria'''<br>'''
 
Venue Address: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria'''<br>'''
Line 90: Line 90:
  
  
In this meetup up, we'll be rolling up our sleeves and digging into practical application threat modeling and risk analysis.
+
'''OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS'''<br />
  
Hope to see you there.
+
Please join us for the first workshop of our [[Top_10_2013-Top_10|OWASP Top 10]] series. In this exciting series, we will explore the top web application security vulnerabilities, and how to prevent them.
  
 +
The [[Top_10_2013-Top_10|OWASP Top 10]] is a list of the most pertinent security issues that affect web applications today.
  
'''Designing Secure Applications'''
+
In this workshop, we will cover:
 +
#[[Top_10_2013-A1-Injection|OWASP Top 10 A1 (Injection)]]: Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.
 +
#[[Top_10_2013-A3-Cross-Site_Scripting_(XSS)|OWASP Top 10 A3 (Cross-Site Scripting, XSS)]]: XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.
  
Threat modeling is the art of application risk analysis that helps you to identify, quantify, and address the security risks associated with the application.
 
  
In this participatory workshop, we'll unlock the shrouded mysteries of threat modeling, revealing the inner secrets. We will grapple with thorny issues like decomposition of the system architecture, appropriate architectural views, and assessing risk. Our practical examples and exercises will relevant to different software types such as web applications, mobile and desktop thick clients.
+
Please try to arrive 15 - 30 minutes early.
 
 
At the end of the session, you should prepared to commence the rewarding journey of architecting and designing secure applications.
 
 
 
 
 
 
 
Chapter meetings are provided free of charge although OWASP membership is encouraged and besides supporting the organisation, will provide the holder with benefits in other areas such as free/discounted entry to conferences, etc.
 
 
|-
 
|-
 
|}
 
|}

Revision as of 03:30, 24 July 2017

OWASP Nigeria

Welcome to the Nigeria chapter homepage. The chapter leaders are 

- Abuja: Idara Akpan and Abdullahi Arabo 
- Lagos: Seun Ogunrinde, Damilare Fagbemi, Ayodeji Okikiolu, and Olufuwa Tayo


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Local News

Meeting Location: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria

Everyone is welcome to join us at our chapter meetings.

Chapter Meetings - 2016

OWASP Lagos February Event

Chapter Meeting - February 13, 2016
When Where
Saturday February 13 2016

 Doors: 12:00PM
Talks Start: 12:15PM 		Venue Location: CC-HUB

Venue Address: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria
 Venue Map: Google Maps
(Registration. Register here)

DESCRIPTION

Sponsors: Cchub.png    Inits.png


The inaugural OWASP Lagos, Nigeria meeting is taking place on Saturday February 16 at CC-HUB from 12:00PM - 5:00PM.

Hope to see you there.

There are three talks lined up including an Intro of OWASP and the chapter leaders:

Intro: Chapter leads - our background, how we got into security, stuff we're exploring or hope to learn and what we hope to achieve in starting OWASP Lagos. About OWASP: A look at OWASP, her objectives, some flagship projects (tools, guidelines, cheat sheets)


Talk 1: Introduction to OWASP ZAP

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. This talk will describe the tool and how to use it for validating web application security.


Talk 2: Exploiting a Vulnerable website to steal user credentials and gain root

This talk will describe how user authentication credentials can hijacked on a vulnerable website, using a practical demo. It will also demonstrate the compromise of a webserver hosting a vulnerble web application.


Talk 3: The OWASP Web Security Shepherd

The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. In this session we'll introduce the security shepherd and use it to learn SQL Injection . PLEASE BRING YOUR LAPTOPS.

Chapter Meetings - 2017

August 2017 Event: OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS

Chapter Meeting - August 12, 2017
When Where
Saturday August 12, 2017

 Doors: 12:00PM
Talks Start: 12:15PM
End: 2:30PM 		Venue Location: CC-HUB

Venue Address: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria
 Venue Map: Google Maps
(Registration. Register here)

DESCRIPTION

Sponsors: Cchub.png


OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS

Please join us for the first workshop of our OWASP Top 10 series. In this exciting series, we will explore the top web application security vulnerabilities, and how to prevent them.

The OWASP Top 10 is a list of the most pertinent security issues that affect web applications today.

In this workshop, we will cover:

  1. OWASP Top 10 A1 (Injection): Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.
  2. OWASP Top 10 A3 (Cross-Site Scripting, XSS): XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.


Please try to arrive 15 - 30 minutes early.

Retrieved from "https://wiki.owasp.org/index.php?title=Nigeria&oldid=231829"