This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Ottawa"

From OWASP
Jump to: navigation, search
(RSVP)
Line 15: Line 15:
 
K2K 2M5 [http://local.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=+40+Hines+Road,+Kanata,+ON,+K2K3G1&ie=UTF8&ll=45.342991,-75.920634&spn=0.00831,0.013819&z=16&iwloc=addr Map]
 
K2K 2M5 [http://local.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=+40+Hines+Road,+Kanata,+ON,+K2K3G1&ie=UTF8&ll=45.342991,-75.920634&spn=0.00831,0.013819&z=16&iwloc=addr Map]
  
== RSVP ==
+
== RSVP ==
Please RSVP to [email protected]. Please include name, company and how many attendees.
+
 
 +
Please RSVP to [email protected]. Please include name, company and how many attendees.  
  
 
'''Meeting Sponsor: '''  
 
'''Meeting Sponsor: '''  
Line 23: Line 24:
 
|-
 
|-
 
| [http://www.2keys.ca [[Image:2keys (big).jpg]]]  
 
| [http://www.2keys.ca [[Image:2keys (big).jpg]]]  
| [http://shopify.com [[Image:http://www.owasp.org/images/a/a6/Shopify-2010-black.png]]]
+
| [http://shopify.com [[Image:Shopify-2010-black.png|200x100px]]]
 
|}
 
|}
  
Line 44: Line 45:
 
==== Next Meeting: Thursday, February 10th, 2011  ====
 
==== Next Meeting: Thursday, February 10th, 2011  ====
  
 +
'''Speaker: Corey Nachreine''' - The Web is the Battleground; and Social Networks Lead the Charge
 +
 +
Our web browser has become the universal app. We no longer use it just to peruse static web pages, but to interact with a menagerie of complex online applications hosted “in the cloud.” While this evolution of web interactivity provides us with many new opportunities, and immense value, it has also made today’s web the most dangerous place on the Internet. Join WatchGuard Senior Network Security Strategist and CISSP, Corey Nachreiner, to hear why he believes web-based threats will pose a huge risk to your network in 2011. During the talk, you will learn how the three most common web-based attacks -- drive-by downloads, cross-site scripting (XSS), and SQL injection – work. You’ll even see them in action during sample attacks. Nachreiner will also discuss why Social Networks sites are the worst “web-threat” offenders of them all. He’ll highlight three attributes that make Social Networks a ripe target for attackers, and likely the primary source of malware in the coming years. Finally, and most importantly, you’ll learn practical steps you can take, and defenses you can erect, to protect yourself from these web-based threats. As the American cartoon, G.I. Joe, used to say, “Knowing is half the battle.” Join us at [EVENT] to get the knowledge you need to win this web battle!
  
 +
<br> <br> '''About The Speaker''' Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.
  
'''Speaker: Corey Nachreine''' - The Web is the Battleground; and Social Networks Lead the Charge
+
==== March, Thursday 10th 2011  ====
  
Our web browser has become the universal app. We no longer use it just to peruse static web pages, but to interact with a menagerie of complex online applications hosted “in the cloud.” While this evolution of web interactivity provides us with many new opportunities, and immense value, it has also made today’s web the most dangerous place on the Internet.
+
'''Speaker: Shan Gu - Accenture''' - Large enterprises are increasing their adoption of SOA at a rapid rate as interoperability standards and vendor product implementations mature and stabilize. However, moving enterprises into a loosely coupled IT paradigm introduces challenges around security and compliance. How do we address accountability, confidentiality, integrity, and trust in a large loosely couple ecosystem where consumers and providers don’t always maintain a permanent or stateful relationship? There are standards of course that help integrators and Architects design systems to communicate with each other in a secure manner, however these standards, when interpreted in their purest sense are complex and expensive to implement/maintain in large organizations. And systems that are operationally complex in terms of security are ironically the least secure.  
Join WatchGuard Senior Network Security Strategist and CISSP, Corey Nachreiner, to hear why he believes web-based threats will pose a huge risk to your network in 2011. During the talk, you will learn how the three most common web-based attacks -- drive-by downloads, cross-site scripting (XSS), and SQL injection – work. You’ll even see them in action during sample attacks.
 
Nachreiner will also discuss why Social Networks sites are the worst “web-threat” offenders of them all. He’ll highlight three attributes that make Social Networks a ripe target for attackers, and likely the primary source of malware in the coming years.
 
Finally, and most importantly, you’ll learn practical steps you can take, and defenses you can erect, to protect yourself from these web-based threats. As the American cartoon, G.I. Joe, used to say, “Knowing is half the battle.” Join us at [EVENT] to get the knowledge you need to win this web battle!
 
 
  
<br> '''About The Speaker''' Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.
+
<br>  
  
==== March, Thursday 10th 2011  ====
+
<br> '''About The Speaker''' Shan Gu - Manager in the Security Technologies Practice at Accenture
'''Speaker: Shan Gu - Accenture''' - Large enterprises are increasing their adoption of SOA at a rapid rate as interoperability standards and vendor product implementations mature and stabilize.  However, moving enterprises into a loosely coupled IT paradigm introduces challenges around security and compliance.  How do we address accountability, confidentiality, integrity, and trust in a large loosely couple ecosystem where consumers and providers don’t always maintain a permanent or stateful relationship?  There are standards of course that help integrators and Architects design systems to communicate with each other in a secure manner, however these standards, when interpreted in their purest sense are complex and expensive to implement/maintain in large organizations.  And systems that are operationally complex in terms of security are ironically the least secure.
 
  
+
Shan is a Security Architect from Accenture who specializes in Identity and Access Management and SOA Security. He has worked with clients in both the Public and Private sectors and in various industries spanning from Health, to Transport, to Financial Services. Shan has spent his recent years focused on helping clients adopt SOA within the enterprise and to do it in a secure and cost effective manner. Shan is a graduate from Carleton University’s Systems and Computer Engineering program, with a B.Eng and a Minor in Business.
  
<br> '''About The Speaker''' Shan Gu - Manager in the Security Technologies Practice at Accenture
+
==== April, Tuesday 12th 2011  ====
  
Shan is a Security Architect from Accenture who specializes in Identity and Access Management and SOA Security.  He has worked with clients in both the Public and Private sectors and in various industries spanning from Health, to Transport, to Financial Services.  Shan has spent his recent years focused on helping clients adopt SOA within the enterprise and to do it in a secure and cost effective manner.  Shan is a graduate from Carleton University’s Systems and Computer Engineering program, with a B.Eng and a Minor in Business.
+
'''Speaker: ''' - TBD
  
==== April, Tuesday 12th 2011  ====
+
<br>
'''Speaker: ''' - TBD
 
  
+
<br> '''About The Speaker''' TBD
  
<br> '''About The Speaker''' TBD
+
<br>  
  
 
 
==== May, Tuesday 8th 2011  ====
 
==== May, Tuesday 8th 2011  ====
'''Speaker: ''' - TBD
 
  
+
'''Speaker: ''' - TBD
 +
 
 +
<br>
 +
 
 +
<br> '''About The Speaker''' TBD
 +
 
 +
<br>
  
<br> '''About The Speaker''' TBD
 
 
 
 
==== Previous Meetings  ====
 
==== Previous Meetings  ====
  
September 10th, 2009 - Justin Foster - Speaker Notes: Download Here
+
September 10th, 2009 - Justin Foster - Speaker Notes: Download Here April 6th, 2009 - Rafal Los - Speaker Notes: Download Here July 16th, 2008 - John Linehan - Speaker Notes: Download Here November 28th, 2007 - Eric Klien - Make my day
April 6th, 2009 - Rafal Los - Speaker Notes: Download Here
 
July 16th, 2008 - John Linehan - Speaker Notes: Download Here
 
November 28th, 2007 - Eric Klien - Make my day
 
  
 
== <br> ==
 
== <br> ==

Revision as of 15:52, 1 March 2011

OWASP Ottawa

Welcome to the Ottawa chapter homepage. The chapter leaders are Sherif Koussa and Karim Nathoo [1]

<paypal>Ottawa</paypal>


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Meetings Location

Trend Micro: 40 Hines Rd Suite 200 Ottawa, Ontario, Canada K2K 2M5 Map

RSVP

Please RSVP to [email protected]. Please include name, company and how many attendees.

Meeting Sponsor:

2keys (big).jpg Shopify-2010-black.png






Meeting schedule:

6:00-6:30 Pizza, wings and pop
6:30-7:30 Main presentation
7:30-8:00 Open discussion and questions

Next Meeting: Thursday, February 10th, 2011

Speaker: Corey Nachreine - The Web is the Battleground; and Social Networks Lead the Charge

Our web browser has become the universal app. We no longer use it just to peruse static web pages, but to interact with a menagerie of complex online applications hosted “in the cloud.” While this evolution of web interactivity provides us with many new opportunities, and immense value, it has also made today’s web the most dangerous place on the Internet. Join WatchGuard Senior Network Security Strategist and CISSP, Corey Nachreiner, to hear why he believes web-based threats will pose a huge risk to your network in 2011. During the talk, you will learn how the three most common web-based attacks -- drive-by downloads, cross-site scripting (XSS), and SQL injection – work. You’ll even see them in action during sample attacks. Nachreiner will also discuss why Social Networks sites are the worst “web-threat” offenders of them all. He’ll highlight three attributes that make Social Networks a ripe target for attackers, and likely the primary source of malware in the coming years. Finally, and most importantly, you’ll learn practical steps you can take, and defenses you can erect, to protect yourself from these web-based threats. As the American cartoon, G.I. Joe, used to say, “Knowing is half the battle.” Join us at [EVENT] to get the knowledge you need to win this web battle!



About The Speaker Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

March, Thursday 10th 2011

Speaker: Shan Gu - Accenture - Large enterprises are increasing their adoption of SOA at a rapid rate as interoperability standards and vendor product implementations mature and stabilize. However, moving enterprises into a loosely coupled IT paradigm introduces challenges around security and compliance. How do we address accountability, confidentiality, integrity, and trust in a large loosely couple ecosystem where consumers and providers don’t always maintain a permanent or stateful relationship? There are standards of course that help integrators and Architects design systems to communicate with each other in a secure manner, however these standards, when interpreted in their purest sense are complex and expensive to implement/maintain in large organizations. And systems that are operationally complex in terms of security are ironically the least secure.



About The Speaker Shan Gu - Manager in the Security Technologies Practice at Accenture

Shan is a Security Architect from Accenture who specializes in Identity and Access Management and SOA Security. He has worked with clients in both the Public and Private sectors and in various industries spanning from Health, to Transport, to Financial Services. Shan has spent his recent years focused on helping clients adopt SOA within the enterprise and to do it in a secure and cost effective manner. Shan is a graduate from Carleton University’s Systems and Computer Engineering program, with a B.Eng and a Minor in Business.

April, Tuesday 12th 2011

Speaker: - TBD



About The Speaker TBD


May, Tuesday 8th 2011

Speaker: - TBD



About The Speaker TBD


Previous Meetings

September 10th, 2009 - Justin Foster - Speaker Notes: Download Here April 6th, 2009 - Rafal Los - Speaker Notes: Download Here July 16th, 2008 - John Linehan - Speaker Notes: Download Here November 28th, 2007 - Eric Klien - Make my day