This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Perth Australia"

From OWASP
Jump to: navigation, search
(Updated previous presentations section.)
 
(41 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Perth, Western Australia|extra=The chapter leaders are:
+
== Welcome ==
* [http://www.owasp.org/index.php/User:Xntrik Christian Frichot]
+
'''''Welcome to OWASP Perth, Western Australia.'''''
* [mailto:joshua@qwek.com Joshua Qwek]
 
* Timothy Bessant
 
* [mailto:[email protected] David Taylor]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Perth|emailarchives=http://lists.owasp.org/pipermail/owasp-Perth}}
 
  
<paypal>Perth Australia</paypal>
+
[https://docs.google.com/presentation/d/10wi1EWFCPZwCpkB6qZaBNN8mR2XfQs8sLxcj9SCsP6c/edit#slide=id.p4 OWASP Foundation] is a professional association of [[Membership|global members]] and is open to anyone interested in learning more about software security.
  
== Upcoming OWASP Events ==
+
Local chapters are run independently and guided by the [[Chapter Leader Handbook]].
  
Watch this space.
+
== Chapter Leaders ==
 +
The chapter leaders are [mailto:[email protected] Maxim Chernyshev] and [mailto:[email protected] Glen Scott].
  
 +
== Meetings ==
 +
{| class="wikitable"
 +
|-
 +
! Next Meeting
 +
|-
 +
| '''What:''' OWASP Chapter Meeting
  
 +
'''When:''' TBD - speakers needed!
  
== Previous OWASP Meetings ==
+
'''Where:''' TBD
 +
|}
 +
We use [https://www.meetup.com Meetup.com] to organise and announce local chapter events.
  
=== How mature is your software security process? (Perth AISA May 2010) ===
+
Please join our group to stay in touch and get updates on all upcoming activities:
  
==== [http://www.aisa.org.au/index.php?page=287 AISA Details] ====
+
https://www.meetup.com/OWASP-Perth/
  
As the security industry continues to change its focus to application
+
== Updates ==
security a lot of companies who rely on software, developed either
+
* [http://lists.owasp.org/mailman/listinfo/owasp-Perth Mailing list]
internally or externally, are wondering what they can do reduce the risk
+
* [https://owasp.slack.com/messages/CAP3F65DH OWASP Slack channel] ([https://owasp.herokuapp.com/ join] OWASP Slack)
of security flaws.  
 
  
Microsoft's Security Development Lifecycle (SDL) model can look
+
== Participation ==
appealing, however without a clear understanding of what your software
+
If you would like to be a speaker at a local chapter meeting, simply contact the chapter leader(s) with details of the proposed talk.
security processes look like, it may be difficult to achieve any real
 
improvements.  
 
  
Implementing a holistic end-to-end software security process can often
+
We are interested in all aspects of software security and related areas such as:
look like an impossible task, and while the end picture resembles Eden,
+
* Application security architectures
it's often the first steps that everyone stumbles on. As the saying goes
+
* Web, mobile, cloud and IoT app security
"You can't manage what you can't measure", and without a clear
+
* DevOps + Security = DevSecOps
understanding of what your software security processes look like now it's
+
* API security and integrations
unlikely that you can achieve any real improvements.  
+
* Secure Software Development Lifecycle (SDLC)
 +
* Security Code Reviews and others
 +
Several formats are available, including 60 min talks / technical workshops, 30 min talks and 10 min lightning talks.
  
OWASP's Open Software Assurance Maturity Model, or OpenSAMM, aims
+
Speakers our bound by the [[Speaker Agreement|OWASP Speaker Agreement]].
to assist organisations, both big and small, in evaluating their existing
 
software security practices and constructing a measurable, balanced
 
program to increase their software security.  
 
  
Wondering how this can help your internal development processes? Want
+
== Sponsorship and Memberships ==
to have a more rigid process to audit your externally developed software
+
[[File:Btn donate SM.gif|link=Local_Chapter_Supporter]] to this chapter or [[Membership|become]] a local chapter supporter.  
processes? Then perhaps OWASP's OpenSAMM project can assist.
 
  
This meeting will be co-hosted by both the local AISA chapter and the Perth OWASP chapter.
+
[[File:Join Button.png]]OWASP to help us serve [[About The Open Web Application Security Project|our mission]].
 
 
=== Perth OWASP - Perth AISA Technical Day (Dec 2009) ===
 
 
 
==== [http://www.owasp.org/index.php/File:AISA_Perth_TSD_2009_Brochure_-Final.pdf Brochure] ====
 
 
 
The local OWASP boys will be whipping out their flux capacitor to fit as much information as they possibly can into a 2 hour jam-packed session on web app security testing. By providing a flyby of the OWASP Testing Guide, David and Christian aim to demonstrate and explain how to detect security vulnerabilities in your own web applications, including: Cross Site Scripting; Injection Flaws; Cross Site Request Forgery and Session Management Flaws.
 
 
 
Demonstrations will utilise a number of open source and freely available tools, including OWASP's own WebScarab. To provide a yoga-like flexibility to the session all materials and testing environments (an Ubuntu wrapped VMware virtual machine) will be provided to attendees, allowing you to either chase us rapidly down the rabbit hole of the OWASP Top 10, or to take your own time after the session...
 
 
 
The perfect way to spend a lazy Sunday afternoon.
 
 
 
=== Web-based Malware (Sep 2009) ===
 
 
 
==== About the presenter ====
 
Shlomi Cohen joined IBM with the Watchfire acquisition at August 2007.
 
Over nine years of experience in web application security in both start-ups and established companies. Emphasis in strategic selling, sales consulting, technical sales and management.
 
* Leading the Security solution on the WW Rational Tiger sales team
 
* Work with the customers and the local sales team to form the right security solution
 
* Development of sale process for multiple products
 
* Working closely with customers and the product management team in driving the products roadmaps
 
* Assisting IBM’s growth in acquisition portfolio
 
 
 
Previous to the WW Rational Security Solution leader:
 
* Managing the technical sales team for Watchfire in the Americas group of IBM
 
* Watchfire Security Research team manager - A team responsible for various web application security aspects including web application vulnerability research, security product rule updates, enhanced security feature definition, security audits, customer support, marketing and sales assistance
 
* AppShield Development Manager - Managed the development and QA teams for the AppShield product - a client Server Web Application Firewall
 
 
 
=== Threat Modelling in the Software Development Lifecycle (Feb 2009) ===
 
 
 
One of the most important concepts being promoted in the security industry is security in the software development lifecycle. This concept is important due to two primary factors:
 
* It is generally recognised that by shifting security activities closer towards the requirements gathering stage, or the design stage, that less vulnerabilities will make their way into the production systems.
 
* It is also recognised that the cost of mitigating vulnerabilities increases later in the lifecycle.
 
By walking through a case study I hope to demonstrate the effectiveness of addressing risk during the earlier stage of the software development lifecycle, and that these activities are not solely the responsibility of the "security guy", but all participants in a software project including the project manager, business stakeholders and software designer.
 
==== About the presenter ====
 
Christian Frichot is currently employed by Bankwest working within the Security Consulting Services team. His core responsibilities include phishing and online fraud response, security assessments, information risk assessments and other ad-hoc information security consulting. Christian hopes to spend more time in '09 focusing on education and application security, where he feels more effort needs to be applied.
 
 
 
-Updated 18/11/09 by [mailto:[email protected] Christian Frichot]
 
  
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
[[Category:Australia]]
 

Latest revision as of 01:06, 20 June 2019

Welcome

Welcome to OWASP Perth, Western Australia.

OWASP Foundation is a professional association of global members and is open to anyone interested in learning more about software security.

Local chapters are run independently and guided by the Chapter Leader Handbook.

Chapter Leaders

The chapter leaders are Maxim Chernyshev and Glen Scott.

Meetings

Next Meeting
What: OWASP Chapter Meeting

When: TBD - speakers needed!

Where: TBD

We use Meetup.com to organise and announce local chapter events.

Please join our group to stay in touch and get updates on all upcoming activities:

https://www.meetup.com/OWASP-Perth/

Updates

Participation

If you would like to be a speaker at a local chapter meeting, simply contact the chapter leader(s) with details of the proposed talk.

We are interested in all aspects of software security and related areas such as:

  • Application security architectures
  • Web, mobile, cloud and IoT app security
  • DevOps + Security = DevSecOps
  • API security and integrations
  • Secure Software Development Lifecycle (SDLC)
  • Security Code Reviews and others

Several formats are available, including 60 min talks / technical workshops, 30 min talks and 10 min lightning talks.

Speakers our bound by the OWASP Speaker Agreement.

Sponsorship and Memberships

Btn donate SM.gif to this chapter or become a local chapter supporter.

Join Button.pngOWASP to help us serve our mission.

Retrieved from "https://wiki.owasp.org/index.php?title=Perth_Australia&oldid=252492"