This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Sweden"

From OWASP
Jump to: navigation, search
(Added link to Jim's slides)
(Redirecting to Stockholm chapter)
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Sweden|extra=The chapter co-leaders are [mailto:[email protected] John Wilander], [mailto:[email protected] Mattias Bergling], and [mailto:[email protected] Robert Malmgren]
+
#REDIRECT [[Stockholm]]
 
 
 
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-sweden|emailarchives=http://lists.owasp.org/pipermail/owasp-sweden}}
 
 
 
== The OWASP Sweden blog ==
 
 
 
For lengthy news and event reports please visit the [http://owaspsweden.blogspot.com/ OWASP Sweden blog] (in Swedish).
 
 
 
== Local News ==
 
 
 
'''Slides from the OWASP Sweden Meeting, Stockholm, March 20, 2012'''
 
 
 
[https://www.owasp.org/images/6/60/Manico_Developer_Top_Ten_Core_Controls_v4.1.ppt.zip Here are the slides (.ppt.zip)] from Jim Manico's presentation on "Web Application Access Control Design Excellence".
 
 
 
'''OWASP Sweden Meeting, Stockholm, March 20, 2012: "Web Application Access Control Design Excellence"'''
 
 
 
Welcome to an OWASP Sweden seminar March 20, with Jim Manico. Book your seat at [https://owaspsweden200312.eventbrite.com/ Eventbrite].
 
 
 
This event will be in English.
 
 
 
Sponsors for this event are:
 
* F5 who is sponsoring for Jim's travel and hotel
 
* .SE sponsoring with the venue
 
* Cybercom who will supply you with beverage and snacks during the evening
 
 
 
The Speaker
 
Jim Manico is a profile in the OWASP community working with the OWASP podcasts and ESAPI amongst other things. During march he is doing a nordic tour and will be visiting the chapters in Finland, Sweden, Norway and Denmark and we have the pleasure of welcoming him to Stockholm on March 20.
 
Read more on the OWASP webpage https://www.owasp.org/index.php/User:Jmanico
 
 
 
Abstract for Jim´s talk:
 
 
 
'''Web Application Access Control Design Excellence'''
 
 
 
Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism.
 
 
 
'''OWASP Sweden SSL Day, Stockholm, November 23 2011'''
 
OWASP Sweden, Stockholm branch is happy to announce a full-day on the topic of SSL in cooperation with Internetdagarna
 
http://www.internetdagarna.se/ind11/program/seminarium/92
 
 
 
The speakers are
 
* Jakob Schlyter, Kirei
 
* John Wilander, OWASP Sweden and Handelsbanken
 
* Andreas Jonson, Romab
 
* Henrich Pöhls, University of Passau
 
* Robert Malmgren, OWASP Sweden and Romab
 
 
 
'''OWASP Sweden Meeting March 7 2011, "Security impact of SVG" + ""ECMA Script 5, a frozen DOM and the eradication of XSS'''
 
Mario Heiderich works as a researcher for the Ruhr-University in Bochum, Germany and currently focuses on HTML5, SVG security and security implications of the ES5 specification draft while finishing his PhD thesis.
 
 
 
We're very happy to invite Mario to OWASP Sweden in March. His two talks will be given in English at Royal Institute of Technology (KTH).
 
 
 
Get your ticket now at [http://marioheiderich.eventbrite.com/ Eventbrite].
 
 
 
Mario's slides:<br>
 
[[Media:Mario_Heiderich_OWASP_Sweden_The_image_that_called_me.pdf‎]] "The Image That Called Me" on SVG security<br>
 
[[Media:Mario_Heiderich_OWASP_Sweden_Locking_the_throneroom.pdf‎]] "Locking the Throneroom" on locking the DOM to eradicate XSS
 
 
 
 
 
'''OWASP Sweden Meeting, Jan 31 2011, "HTTP-säkerhet"'''
 
Daniel Stenberg, Martin Holst Swende, and John Wilander will give talks for OWASP Sweden on Jan 31, 5:30 pm - 21 pm. The topics are Websockets, the new Cookie RFC, Content Security Policy, HTTP Strict Transport Security, and X-Frame-Options. We will be in lecture hall "New York", World Trade Center, Stockholm ([http://www.hitta.se/SearchMixed.aspx?vad=world%20trade%20center&var=stockholm map]).
 
 
 
[http://www.omegapoint.se Omegapoint] are sponsors and there will be lighter food and beers.
 
 
 
'''OWASP Sweden reaches 500 members ... and gets three leaders'''
 
OWASP Sweden now has a stunning 500 members on the mailing list. From now the chapter will be lead by three co-leaders: John Wilander, Mattias Bergling, and Robert Malmgren.
 
 
 
 
 
'''OWASP Sweden invites Samy Kamkar, October 4, 2010'''
 
Samy Kamkar, famous for the [http://en.wikipedia.org/wiki/Samy_(XSS) Samy XSS attack on MySpace] in 2005 will be giving a talk for OWASP Sweden on October 4, 5:30 pm - 22 pm. We will be in Ljusgården, Årstaängsvägen 19, Marievik/Liljeholmen, Stockholm ([http://www.hitta.se/LargeMap.aspx?var=%c5rsta%e4ngsv%e4gen+19%2c+Liljeholmen%2fMarievik%2c+Stockholm map]).
 
 
 
Nexus Safe and Data@UrService are sponsors and there will be lighter food and beers.
 
 
 
[[Media:OWASP_Sweden_Samy_Kamkar_oktober_2010.pdf]]
 
 
 
Go to [http://samykamkar.eventbrite.com/ EventBrite] and register for free now!
 
 
 
 
 
'''OWASP-Sweden + FOSS Sthlm "Community Hack" September 4-5 2010'''
 
The first weekend of September OWASP Sweden together with FOSS Sthlm invite our members to Community Hack II in Stockholm. A full weekend of hacking on open projects, testing new security hacks, trying out tools (for instance the favorite OWASP tool you've always wanted to learn), or writing new, open guidelines.
 
 
 
Go to [http://communityhack2.eventbrite.com/ EventBrite] and register for free now!
 
 
 
 
 
'''OWASP AppSec Research 2010 in Stockholm, June 21-24 2010'''
 
June 21-24, 2010 appsec people will meet in beautiful Stockholm, Sweden. The OWASP chapters in Sweden, Norway, and Denmark together with Stockholm University host the [http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden OWASP AppSec Research 2010].
 
 
 
 
 
'''OWASP-Sweden Meeting January 21st 2010 -- The Big Protocols'''
 
Stiftelsen för Internetinfrastruktur (.SE) and Swedish Network Users' Society (SNUS) invite us to three seminars on the big protocols: BGP, DNSSEC, and SSL/TLS.
 
 
 
Program and invitation (in Swedish): [[File:OWASP_Sweden_-_De_stora_protokollen_2010-01-21.pdf]]
 
 
 
 
 
'''OWASP-Sweden Meeting December 2nd 2009 -- OWASP Top 10 2010 (rc1)'''
 
Omegapoint invites us to discuss the release candidate of OWASP Top 10 2010 that was presented at OWASP AppSec DC November 13th. The invitation in Swedish is found [[File:OWASP_Sweden_Top_10_december_2009.pdf | here]].
 
'''Don't forget to send an email to John Wilander ([email protected]) no later than November 23rd to say you're coming.''' Seats usually fill up fast.
 
 
 
 
 
'''OWASP AppSec Research 2010, June 21-24 in Stockholm, Sweden'''
 
OWASP Sweden, Norway, and Denmark invite you to OWASP AppSec Research 2010, June 21-24 in Stockholm. Read more on the [https://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm%2C_Sweden conference wiki page].
 
 
 
 
 
'''OWASP-Sweden Meeting April 28th 2009 -- Code Analysis and Review'''
 
 
 
The second chapter meeting of 2009 will be held on Tuesday April 28th at Clarion Hotel Stockholm. The focus is code analysis and code review. Fortify sponsors the event and welcome the chapter members to refreshments, starting at 17.30.
 
 
 
The program:
 
 
 
* Fredrik Möller (Fortify) will biefly present Fortify and their support of OWASP
 
* David Anumudu (Fortify) will present and do a live demo of Fortify Solution
 
* James Dickson (Simovits Consulting) will give a talk on code review
 
 
 
'''Don't forget to send an email to John Wilander ([email protected]) no later than April 23rd to say you're coming.''' We need to know how many will turn up.
 
 
 
 
 
'''OWASP-Sweden Meeting March 26th 2009 -- XSS & CSRF'''
 
 
 
The first meeting of 2009 will be held Thursday March 26th at LabCenter, Oxtorgsgränd 2, Stockholm. The focus is cross-site scripting and cross-site request forgery, attacks and countermeasures. Inspect it and LabCenter sponsor the event and welcome the chapter members to refreshments, starting at 17.00.
 
 
 
The program:
 
 
 
* Hasain Alshakarti, TrueSec: "XSS & CSRF -- A Deadly Cocktail"
 
* Sergio Molero, Concrete IT: "Skydd mot XSS och CSRF"
 
 
 
'''Don't forget to send an email to Mattias Bergling ([email protected]) no later than March 23rd to say you're coming.''' We need to know how many will turn up.
 
 
 
 
 
'''OWASP-Sweden Meeting November 19th 2008 -- PCI DSS'''
 
 
 
The next chapter meeting is Wednesday November 19th. The focus of the seminars is on PCI-DSS, i.e. security in payment card handling on the Internet.
 
The program:
 
* Mats Henriksson, Pan Nordic Card Assoc: "PCI DSS - Tre goda anledningar"
 
* Pål Göran Stensson, Defensor Sverige AB: "PCI DSS - Externa krav och konsulten"
 
* Bengt Berg, Cybercom Sweden East AB: "Olika angreppssätt på PCI DSS"
 
 
 
'''The meeting is fully booked. But do send an email to John Wilander ([email protected]) to say you're interested and we'll let you know if seats become available.'''
 
 
 
 
 
'''OWASP Sweden Hosts the OWASP AppSec Europe Conference 2010'''
 
 
 
We're hosting the European OWASP AppSec conference in 2010! Please read the [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2010_-_Sweden announcement].
 
 
 
 
 
'''OWASP-Sweden Meeting October 6th 2008 -- Security in the Open Source Process'''
 
 
 
The next chapter meeting is Monday October 6th at Clarion Hotel Stockholm (Skanstull). The focus of the seminars will be on "Security in the Open Source Process". Refreshments will be served from 16:30 and the seminars will commence at 17:30. Except for a closing panel discussion the program contains the following:
 
 
 
* Simon Josefsson, SJD: ”Anekdoter och lärdomar från granskning av säkerhetsprogram”
 
* Daniel Stenberg, daniel.haxx.se: ”Säker kod och utveckling i cURL-projektet”
 
* Anders Karlsson, MySQL och Sun Microsystems: ”MySQL: Säkerhet i ett kommersiellt open source-projekt”
 
 
 
'''Don't forget to send an email to Robert Malmgren ([email protected]) no later than September 29th to say you're coming.''' We need to know how many will turn up.
 
 
 
 
 
'''OWASP-Sweden Meeting May 27th 2008 - SQL Injection, Web Scarab'''
 
 
 
OWASP-Sweden welcomes its members to the next chapter meeting - Tuesday May 27th at Clarion Hotel Stockholm. Refreshments will be served from 17:00, demos will be shown from 17:30, and the seminars will commence at 18:00. The main attractions are:
 
 
* Patrik Karlson, Inspect it: "SQL injection, identifiering och utnyttjande"
 
* Johannes Gumbel, TrueSec: "WebScarab—funktioner, fördelar och nackdelar"
 
 
 
'''Don't forget to send an email to Mattias Bergling ([email protected]) no later than May 21st to say you're coming.''' We need to know how many will turn up.
 
 
 
 
 
'''Kick-Off Meeting for OWASP-Sweden April 1st 2008'''
 
 
 
The OWASP-Sweden kick-off will be held at WTC in Stockholm on April 1st. Yeah, it's April Fool's Day but we go under the tagline "Application Security is Not a Joke". The presentation program includes:
 
 
 
* Andrei Sabelfeld, well-known security researcher from Chalmers
 
* Michael Anderberg, Chief Security Advisor at Microsoft Sweden
 
* Per Mellstrand, software analyst at Sony Ericsson and researcher at Blekinge Institute of Technology
 
 
 
'''Don't forget to send an email to John Wilander ([email protected]) no later than March 27 to say you're coming.''' We need to know how many will turn up.
 
 
 
We're kicking off!
 
 
 
 
 
'''OWASP-Sweden in Computer Sweden - 08:44, 19 Dec 2007 (EDT)'''
 
 
 
Today the Swedish national IT newspaper 'Computer Sweden' published an article on the new OWASP-Sweden chapter - [http://computersweden.idg.se/2.2683/1.137387 ''Mecka för säker programmering till Sverige''], or ''A Mecka for Secure Programming Reaches Sweden'' in English. While OWASP is more than a programmer's guide, Mattias Bergling and I are very happy to get the news out to a large part of Sweden's IT industry.
 
 
 
'''To become a member of Owasp-Sweden just join the [http://lists.owasp.org/mailman/listinfo/owasp-sweden mailing list].'''
 
 
 
 
 
'''OWASP-Sweden opens! - 22:25, 01 Oct 2007 (EDT)'''
 
 
 
Finally, Sweden has joined the OWASP movement and John Wilander, the local chapter leader, welcomes members to the Stockholm-based OWASP-Sweden. Please, join our mailing list. Plans for meetings and seminars will be made.
 
 
 
Are you interested in helping out? Do you have ideas for great invited speakers or workshop meetings? Feel free to contact the chapter.
 
[[Category:Sweden]]
 

Latest revision as of 13:41, 26 March 2015

Redirect to: