This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Switzerland"

From OWASP
Jump to: navigation, search
(Added local chapter meeting dates for 2012)
m
 
(156 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
__NOTOC__  
 
__NOTOC__  
  
= Welcome =
+
= Welcome =
  
[[File:owasp_switzerland_logo.png|180px|thumb|right]]
+
[[File:owasp_switzerland_logo.png|150px|right|OWASP Switzerland Chapter Logo]]
  
 
Welcome to the Home Page of the OWASP Switzerland Chapter.  
 
Welcome to the Home Page of the OWASP Switzerland Chapter.  
  
*The chapter leader is [mailto:sven.vetsch__AT__disenchant.ch Sven Vetsch] supported by the members of the board [mailto:antonio.fontes__AT___owasp.org Antonio Fontes] and Alexis FitzGerald. Please contact us with any questions about the chapter.  
+
*If you want to give a talk, provide a venue or in case of other questions regarding this chapter - just ping one of our '''Chapter Leaders: [mailto:sven.vetsch@owasp.org Sven Vetsch] and [mailto:robert.schneider@owasp.org Robert Schneider].'''
*Please subscribe to the [http://lists.owasp.org/mailman/listinfo/owasp-switzerland mailing list] for meeting announcements and other news related to OWASP in Switzerland.  
+
 
*You can follow us on Twitter as [http://twitter.com/owasp_ch @OWASP_ch]
+
*Please join us on [https://www.meetup.com/de-DE/OWASPSwitzerland/ Meetup] and/or subscribe to our (low-traffic) [https://groups.google.com/a/owasp.org/forum/#!forum/switzerland-chapter mailing list] for meeting announcements and other news related to OWASP in Switzerland.  
  
 
<br> If you're living in the French speaking part of Switzerland, please also visit the '''[[Geneva|OWASP Geneva chapter]]''' for more information.  
 
<br> If you're living in the French speaking part of Switzerland, please also visit the '''[[Geneva|OWASP Geneva chapter]]''' for more information.  
  
 
= Next Meetings  =
 
= Next Meetings  =
 
+
Please see our list of upcoming meetings on Meetup:
Chapter meetings are held several times a year, typically at a location provided by our current facility sponsor. <!-- There are no planned meetings yet. Keep yourself informed and up-to-date over our [http://lists.owasp.org/mailman/listinfo/owasp-switzerland mailinglist]. -->
+
[[Image:Meetup-button.png|left|alt=See our planned meeting and register for them here|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
 
+
<br>
'''14. February 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
+
<br>
 
 
'''10. April 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
 
 
 
'''12. June 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
 
 
 
'''14. August 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
 
 
 
'''9. October 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
 
 
 
'''11. December 2012''' | Local Chapter Meeting<br> No presentation and location fixed yet.
 
 
 
<br>  
 
  
 
= Past Meetings  =
 
= Past Meetings  =
 +
<!--
 +
Please use the following template for events (if an information is not available simple remove the specific part):
 +
[SAMPLE]
  
'''13. December 2011''' | Local Chapter Meeting<br> All information about the meeting can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2011-December/000223.html here]
+
|-
 
+
| 2013-12-17
'''11. October 2011''' | Local Chapter Meeting<br> All information about the meeting can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2011-September/000218.html here]
+
| <center>[[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-October/000258.html]]</center>
 
+
| <center>[[Image:person.png|20px|link=User:USERNAME]]</center>
'''09. August 2011''' | Local Chapter Meeting<br> Foundation of OWASP Switzerland as an association.<br> Location: Niederdorfstrasse 76, 8001 Zürich
+
| <center>[[Image:location.png|20px|link=http://www.owasp.ch]]</center>
 
+
| <center>[[Image:slides.png|20px|link=File:FILENAME.pdf]]</center>
'''14. June 2011''' | Local Chapter Meeting<br> Lightning Talks<br> Location: Niederdorfstrasse 76, 8001 Zürich<br> More information can be found at http://techup.ch/111/owasp-switzerland-meeting
+
| Chapter Meeting (or as an example: Area41)
 
+
| Node security
'''12. May 2011 | Swiss Cyber Storm III'''<br> Slides: [https://www.owasp.org/index.php/File:SwissCyberStorm3-Do_you_know_OWASP.pdf here].
 
 
 
'''12. April 2011 | Local Chapter Meeting'''<br> More information can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2011-April/000204.htmll here].
 
 
 
'''08. February 2011 | Local Chapter Meeting'''<br> Meeting had to be canceled because we had no speakers.
 
 
 
'''12. April 2010 | Local Chapter Meeting'''<br> More information can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2010-February/000152.html here].
 
 
 
'''25. June 2009 | Local Chapter Meeting'''<br> More information can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2009-June/000144.html here] (the start time has changed to 17:15).
 
 
 
'''7. April 2009 | Local Chapter Meeting'''<br> More information can be found [https://lists.owasp.org/pipermail/owasp-switzerland/2009-March/000140.html here].
 
 
 
'''8. September 2008 | Local Chapter Meeting'''<br> All information about the meeting can be found at [https://lists.owasp.org/pipermail/owasp-switzerland/2008-August/000132.html here]
 
 
 
'''1. April 2008 | Global OWASP Week'''<br>
 
 
 
The following was the official invitation mail:
 
<pre>
 
Dear Receiver,
 
in the name of the OWASP (http://owasp.org) I'd like to invite you to
 
our next event, which is part of the Global OWASP Week 2008. If you're
 
interested in web application security, this is something for you.
 
 
 
  
Date and time:
+
[END OF SAMPLE]
1.April 2008 -&gt; WebAppSec Is No Joke
+
-->
18:00 - ca. 21:00
 
  
Where:
+
Please see our list of past meetings on Meetup:
The event takes place at the ETH Zurich, in the main building, room
+
[[Image:Meetup-button.png|left|alt=See our past meeting and register for them here|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
HG F26.5
+
<br>
 +
<br>
 +
<br>
 +
<br>
  
Who:
+
Previous meetings "prior" Meetup:
  As at all of our meetings, everyone is welcome. If you know someone
+
{| class="wikitable sortable" border="0"
  who could also be interested in this event, ask him/her to come too.
+
|-
 
+
! scope="col" | Date
Content:
+
! scope="col" class="unsortable" | Speaker
  We'll have three interesting Talks.
+
! scope="col" class="unsortable" | Host
 
+
! scope="col" | Slides
- Taking Apache access logs to the next level: Complying to PCI DSS
+
! scope="col" | Event
  for fun and profit
+
! scope="col" | Topic
  (Christian Folini - Technical Consultant at netnea)
+
|-
 
+
|2017-08-16
    The PCI DSS is rather vague, when it comes to logfiles. It does
+
|<center>[[Image:person.png|20px|link=http://www.christian-folini.ch/]]</center>
    make clear, that writing logfiles and reading them is a
+
|<center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
    requirement though. But it leaves it up to you to define your
+
|<center>[[Image:slides.png|20px|link=File:20170816-Introducing_the_OWASP_ModSecurity_Core_Rule_Set_3-Christian_Folini.pdf]]</center>
    setup and your processes. Apache brings numerous logging
+
|Chapter Meeting
    possibilities, but they are rarely used in practice. Based on a
+
|Introducing the OWASP ModSecurity Core Rule Set 3.0
    sample enterprise setup, I will discuss key items of a
+
|-
    revision-proof architecture. System components and methods will be
+
| 2016-10-04
    examined and a few interesting techniques presented.
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Florian_Badertscher]]</center>
 
+
| <center>[[Image:location.png|20px|link=https://www.swissre.com/]]</center>
  - Implementing an Application Security Lifecycle programme
+
| <center>[[Image:slides.png|20px|link=File:20161004-Bug_Bounty_progams_in_Switzerland-Florian_Badertscher.pdf]]</center>
    (Alessandro Moretti - Executive director for IT security risk
+
| Chapter Meeting
    management at UBS Investment Bank)
+
| Bug Bounty programs in Switzerland?
 
+
|-
    Topic:
+
| 2016-06-07
    A case study at UBS Investment Bank - how the Application Security
+
| <center>[[Image:person.png|20px|link=https://twitter.com/fenceposterror]]</center>
    Lifecycle Programme aims to implement proactive and reactive IT
+
| <center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
    security management and promote application security across the
+
| <center>[[Image:slides.png|20px|link=File:20160607-xssi-the_tale_of_a_fameless_but_widepsread_vulnerability-Veit_Hailperin.pdf]]</center>
    global UBS IT community.
+
| Chapter Meeting
 
+
| XSSI - The Tale of a Fameless but Widespread Vulnerability
    Short description:
+
|-
    UBS IT Security Risk Management will provide an overview of the
+
| 2015-12-15
    risk strategy, and an insight into the strategic initiative, based
+
| <center>[[Image:person.png|20px|link=http://intothesymmetry.blogspot.ch/]]<br>[[Image:person.png|20px|link=https://www.xing.com/profile/Pascal_Buchbinder]]</center>
    partly on OWASP, to enhance the application security with each
+
| <center>[[Image:location.png|20px|link=https://www.liip.ch/]]</center>
    phase of the software development lifecycle. The presentation will
+
| <center>[[Image:slides.png|20px|link=File:20151215-Top_X_OAuth_2_Hacks-asanso.pdf]]<br>[[Image:slides.png|20px|link=File:20151215-Reliable_log_data_transfer-Pascal_Buchbinder.pdf]]</center>
    provide details on the vision, the overall programme approach and
+
| Chapter Meeting
    on selected deliverables as part of the programme. Topics include,
+
| Top X OAuth 2 Hacks<br>Reliable log data transfer: about syslog, logstash and log data signing
    security education, risk management, source code testing,
+
|-
    penetration testing and web application firewalls. A question and
+
| 2015-10-14
    answer session will follow.
+
| <center>[[Image:person.png|20px|link=https://twitter.com/blitzfranklyn]]</center>
 
+
| <center>[[Image:location.png|20px|link=https://www.ergon.ch/]]</center>
  - WebAppSec the Big Picture
+
| <center>[[Image:slides.png|20px|link=File:20151014-Application_Security_Testing_by_Static_Code_Analysis-blitzfranklyn.pdf]]</center>
    (Sven Vetsch - Security Tester at Dreamlab Technologies)
+
| Chapter Meeting
 
+
| Application Security Testing by Static Code Analysis
    Most of the actual vulnerabilities which security researchers and
+
|-
    also bad guys (doesn't) report every day, are related to web
+
| 2015-08-19
    applications. Even if this is the case, the security community
+
| <center>[[Image:person.png|20px|link=]][[Image:person.png|20px|link=]][[Image:person.png|20px|link=]][[Image:person.png|20px|link=]]</center>
    didn't get the big picture of what security related problems we've
+
| <center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
    got through web applications. In this demonstration, we will show
+
|
    you an overview of the most important web vulnerabilities like SQL
+
| Chapter Meeting
    Injections, XSS, CSRF, Path Traversal, Session Fixation and much
+
| BarCamp
    more. The focus in this demonstration is not to show you the
+
|-
    latest research results in webappsec, it's to show you the big
+
| 2015-06-17
    picture of this topic.
+
| <center>[[Image:person.png|20px|link=http://eprints.hsr.ch/414/]][[Image:person.png|20px|link=http://eprints.hsr.ch/414/]]</center>
 
+
| <center>[[Image:location.png|20px|link=http://www.csnc.ch/]]</center>
 
+
| <center>[[Image:slides.png|20px|link=File:OWASP_Switzerland_Meeting_2015-06-17_XSLT_SSRF_ENG.pdf]]</center>
If there are any further questions, don't hesitate to contact me at:
+
| Chapter Meeting
sven.vetsch _at_ disenchant.ch
+
| XSLT Processing Security and Server Side Request Forgeries
 
+
|-
Regards,
+
| 2015-04-15
Sven Vetsch
+
| <center>[[Image:person.png|20px|link=http://www.floyd.ch/]]</center>
Leader OWASP Switzerland
+
| <center>[[Image:location.png|20px|link=https://www.credit-suisse.com/ch/]]</center>
 
+
| <center>[[Image:slides.png|20px|link=File:20150415-Android_apps_in_sheeps_clothing-Tobias_Ospelt-modzero.pdf]]</center>
</pre>  
+
| Chapter Meeting
'''11. December 2007 | Local Chapter Meeting'''<br> All information can be found [http://lists.owasp.org/pipermail/owasp-switzerland/2007-November/000105.html here] and [http://lists.owasp.org/pipermail/owasp-switzerland/2007-November/000106.html here].
+
| Android apps in sheep's clothing
 
+
|-
'''19. and 20. September 2007 | Security-Zone'''<br> [[Image:Securityzonelogo 07.jpg]]<br> The Security-Zone will take place on the 19. and 20. September 2007 and it's the most important security event we've got in Switzerland. You can find all information on the [http://www.security-zone.info/ official Security-Zone website]. There will be much OWASP publicity and we will also be actively participating in this event. For more information on what we do, you can read [http://www.disenchant.ch/blog/owasp-switzerland-goes-public/80 Sven's blog posting] about this and you can order your own free ticket [http://security-zone.adim.ch/Anmeldung.php?client=1&lang=1&idcatart=75&o=owasp%22%20target=%22_new here].
+
| 2015-02-18
 
+
| <center>[[Image:person.png|20px|link=https://miki.it/]]</center>
'''24. July 2007 | Local Chapter Meeting'''<br> A summary for the meeting can be found [http://lists.owasp.org/pipermail/owasp-switzerland/2007-July/000095.html here] in our mailinglist archive.
+
| <center>[[Image:location.png|20px|link=http://www.swisscom.com/]]</center>
 
+
| <center>[[Image:slides.png|20px|link=File:20150218-Abusing_JSONP_with_Rosetta_Flash-miki.it.pdf]]</center>
The presentation about "Dependability for Java Mobile" Code" by Pierre Parrend can be found [https://www.owasp.org/index.php/Mobile_Java_Security here], including a small abstract.  
+
| Chapter Meeting
 
+
| Abusing JSONP with Rosetta Flash
'''26. April 2007 | Local Chapter Meeting and "Swiss Security Dinner"'''<br> A summary for the meeting can be found [http://lists.owasp.org/pipermail/owasp-switzerland/2007-April/000086.html here] in our mailinglist archive.
+
|-
 
+
| 2014-12-10
'''12. February 2007 | Local Chapter Meeting'''<br> A summary for the meeting can be found [http://lists.owasp.org/pipermail/owasp-switzerland/2007-February/000079.html here] in our mailinglist archive.
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 
+
| <center>[[Image:location.png|20px|link=http://www.vorbahnhof.ch/]]</center>
The presentation about "XSS-Worms" (in OWASP template) by [http://disenchant.ch Sven Vetsch] can be found [http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip here]
+
|
 
+
| Chapter Meeting
'''11. November 2006 | OWASP Switzerland Local Chapter Kickoff Meeting'''
+
| OWASP Switzerland Fondue
 
+
|-
Switzerland have a Local Chapter for a while now but there were never some meetings or some other activities. Now, a few members of the OWASP Switzerland Local Chapter mailinglist met each other in Zurich to do a real kick-off for this Chapter.
+
| 2014-11-12
 
+
| <center>[[Image:person.png|20px|link=http://www.christian-folini.ch/]]</center>
In the Switzerland Local Chapter, we decided that at the moment the most important thing for us would be to build a network of people in Switzerland which are interested in the OWASP too and at the same time to promote it that the folks which didn't know the OWASP yet will get in touch with it. In future meetings we also want to do some presentations and/or workshop for having an active knowledge transfer.  
+
| <center>[[Image:location.png|20px|link=https://www.open.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:Owasp-ch-folini-nov-2014.pdf]]</center>
 +
| Chapter Meeting
 +
| Living on the Edge - Advanced ModSecurity to Save Your Ass
 +
|-
 +
| 2014-08-20
 +
| <center>[[Image:person.png|20px|link=http://www.arcus-security.ch/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.kshp.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140820-Flash_Security_by_Arcus_Security.pdf]]</center>
 +
| Chapter Meeting
 +
| (Client-Side) Flash Security
 +
|-
 +
| 2014-06-17
 +
| <center>[[Image:person.png|20px|link=https://www.sec-consult.com/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.credit-suisse.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140617-XSS_and_beyond-Rene.pdf]]</center>
 +
| Chapter Meeting
 +
| XSS and beyond
 +
|-
 +
| 2014-04-09
 +
| <center>[[Image:person.png|20px|link=https://twitter.com/dobinrutis]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.ubs.com/ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140409-SSL_TLS_jungle-Dobinrutis.pdf]]</center>
 +
| Chapter Meeting
 +
| SSL/TLS jungle - bringing light into the cipher forest
 +
|-
 +
| 2014-02-19
 +
| <center>[[Image:person.png|20px|link=User:Schattenbaum]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swisscom.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140219-SSDLC_Ready_for_Clouds-Robert.pdf]]</center>
 +
| Chapter Meeting
 +
| S-SDLC – Ready for the Cloud?
 +
|-
 +
| 2013-12-17
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.credit-suisse.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Annual Review & Outlook
 +
|-
 +
| 2013-10-22
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.colab-zurich.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20131022-advances_in_secure_aspnet_development-alexandre.pdf]]</center>
 +
| Chapter Meeting
 +
| Advances in secure (ASP).NET development – Break the hacker's spirit
 +
|-
 +
| 2013-10-22
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.colab-zurich.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20131022-node_security-disenchant.pdf]]</center>
 +
| Chapter Meeting
 +
| Node.js Security
 +
|-
 +
| 2013-04-09
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.securesafe.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Tools (not) to use
 +
|-
 +
| 2012-09-19
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:Owasp_top_10_mobile_risks.pdf]]</center>
 +
| Security-Zone
 +
| OWASP Top 10 Mobile Risks
 +
|-
 +
| 2012-06-12
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Ospelt]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Reversing Android Apps
 +
|-
 +
| 2012-02-14
 +
| <center>[[Image:person.png|20px|link=https://www.blackhat.com/html/bh-us-12/speakers/Gianni-Gnesa.html]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Analysis of the RSA Security Breach
 +
|-
 +
| 2011-12-13
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Alexis_FitzGerald]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| AppSec - Why is it important
 +
|-
 +
| 2011-12-13
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Stephan_Berger37]][[Image:person.png|20px|link=https://plus.google.com/106548980928636767176/posts]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Dangers of Firefox Add-On's
 +
|-
 +
| 2011-10-11
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.itacs.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Presentation of the OWASP Top 10 & a hands-on session
 +
|-
 +
| 2011-08-09
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Foundation of OWASP Switzerland Association
 +
|-
 +
| 2011-06-14
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:Owasl_lcm_20110614_mod_sslcrl.pdf]]</center>
 +
| Chapter Meeting
 +
| Automatic CRL updates for the Apache Web server
 +
|-
 +
| 2011-06-14
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:OWASP_Browser_Security.pdf]]</center>
 +
| Chapter Meeting
 +
| New Standards and upcoming Technologies in Browser Security (Slides by [https://www.owasp.org/index.php/User:Tgondrom Tobias Gondrom])
 +
|-
 +
| 2011-05-12
 +
| <center>[[Image:person.png|20px|link=User:Afontes]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.swisscyberstorm.com/]]</center>
 +
| <center>[[Image:slides.png|20px|link=https://www.owasp.org/index.php/File:SwissCyberStorm3-Do_you_know_OWASP.pdf]]</center>
 +
| Swiss Cyber Storm III
 +
| Do you know OWASP?
 +
|-
 +
| 2011-04-12
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20110412-aspnet_viewstate_security-alexandre.pdf]]</center>
 +
| Chapter Meeting
 +
| ASP.NET & ViewState Security
 +
|-
 +
| 2010-04-12
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Tobias_Christen]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Usability vs. Security
 +
|-
 +
| 2010-04-12
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Michael_Tschannen]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| 2-factor authentication for mobile devices: a secure and practical approach
 +
|-
 +
| 2009-06-25
 +
| <center>[[Image:person.png|20px|Jerry Hoff]][[Image:person.png|20px|Jason Li]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Benefits of a security API such as ESAPI
 +
|-
 +
| 2009-06-25
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Bruno_Blumenthal]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Advanced SQL injection exploitation to operating system full control
 +
|-
 +
| 2009-04-07
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Christen]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Open security architecture (www.opensecurityarchitecture.org)
 +
|-
 +
| 2009-04-07
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| XSRF and JSON hijacking & a hands-on session
 +
|-
 +
| 2008-09-08
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Quality of services for web applications (Hands-On Workshop)
 +
|-
 +
| 2008-09-08
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| XML Security (Hands-On Workshop)
 +
|-
 +
| 2008-09-08
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Alessandro_Moretti]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| ISC2/Application security
 +
|-
 +
| 2008-04-01
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Christian_Folini]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 +
|
 +
| Global OWASP Week
 +
| Taking Apache access logs to the next level
 +
|-
 +
| 2008-04-01
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alessandro_Moretti]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 +
|
 +
| Global OWASP Week
 +
| Implementing an Application Security Lifecycle programme
 +
|-
 +
| 2008-04-01
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 +
|
 +
| Global OWASP Week
 +
| WebAppSec the Big Picture
 +
|-
 +
| 2007-12-11
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Thomas_Bader]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Certified Secure Web
 +
|-
 +
| 2007-12-11
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Christen]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Secure Development Life Cycle
 +
|-
 +
| 2007-12-11
 +
| <center>[[Image:person.png|20px|Daniel Hulliger]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Securing my Assets (Presentation & Demo)
 +
|-
 +
| 2007-09-20
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
 +
|
 +
| Security-Zone
 +
| OWASP Testing Guide
 +
|-
 +
| 2007-09-19
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
 +
|
 +
| Security-Zone
 +
| OWASP Top 10
 +
|-
 +
| 2007-07-24
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| OWASP - An Overview
 +
|-
 +
| 2007-07-24
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Pierre_Parrend]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=Mobile_Java_Security]]</center>
 +
| Chapter Meeting
 +
| Dependability for Java Mobile Code
 +
|-
 +
| 2007-07-24
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/HansPeter_Waldegger]][[Image:person.png|20px|link=https://www.xing.com/profiles/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| OWASP Top 10 (Demo)
 +
|-
 +
| 2007-04-26
 +
| <center>[[Image:person.png|20px|link=http://www.linkedin.com/in/bchess]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| Risk metrics
 +
|-
 +
| 2007-02-12
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20070212-xss_worms-disenchant.pdf]]</center>
 +
| Chapter Meeting
 +
| XSS-Worms
 +
|-
 +
| 2006-11-11
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
|
 +
|
 +
| Chapter Meeting
 +
| OWASP Switzerland Chapter Kick-Off Meeting
 +
|}
  
 
= Participation  =
 
= Participation  =
  
OWASP Local Chapter meetings are free and open. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in application security is welcome to attend. We encourage attendees to give short presentations about specific topics.  
+
OWASP Chapter meetings are free and open. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in application security is welcome to attend. We encourage attendees to give short presentations about specific topics.  
  
 
<br> Our main topics are:  
 
<br> Our main topics are:  
  
 +
*DevOps
 
*Security testing  
 
*Security testing  
 
*Secure development  
 
*Secure development  
Line 168: Line 437:
 
*Secure Architectures
 
*Secure Architectures
  
<br> If you would like to give a presentation, or have any questions about the OWASP Switzerland Local Chapter, send an email to [mailto:sven.vetsch__AT__disenchant.ch Sven Vetsch].  
+
<br> If you would like to give a presentation (make sure that you have read and understood the [[Speaker_Agreement|speaker agreement]]), or have any questions about the OWASP Switzerland Chapter, send an email to [mailto:robert.schneider__AT__owasp.org Robert Schneider].  
 
 
= Twitter  =
 
 
 
<!-- Twitter Box --> {| | style="border: 1px solid rgb(204, 204, 204); width: 100%; font-size: 95%; color: rgb(0, 0, 0); background-color: rgb(236, 236, 236);" | '''You can follow us on Twitter as [http://twitter.com/OWASP_ch @OWASP_ch]''' <twitter>295722279</twitter>
 
 
 
| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | |}
 
  
 
= Sponsoring  =
 
= Sponsoring  =
  
Help us to make application security visible and become a supporter of the OWASP or our Local Chapter in Switzerland. All information about becoming a member/sponsor can be found at https://www.owasp.org/index.php/Membership
+
Help us to make application security visible and become a supporter of the OWASP or our Chapter in Switzerland. All information about becoming a member/sponsor can be found [[Membership|here]].
  
If your company is interested in supporting us directly, please contact [mailto:sven.vetsch__AT__disenchant.ch Sven Vetsch] to talk about the following sponsoring possibilities.  
+
If your company is interested in supporting us directly, please contact [mailto:sven.vetsch__AT__owasp.org Sven Vetsch] to talk about the following sponsoring possibilities.  
  
 
*Chapter Supporter  
 
*Chapter Supporter  
 
*Single Meeting Supporter  
 
*Single Meeting Supporter  
 
*Facility Sponsor  
 
*Facility Sponsor  
*Organization Supporters (allocating 40% of your annual donation to our Local Chapter)
+
*Organization Supporters (allocating 40% of your annual donation to our Chapter)
 +
<br>
 +
{{#widget:PayPal Donation
 +
|target=_blank
 +
|budget=OWASP Switzerland
 +
}}
 +
 
 +
= Chapter Material  =
  
= Local Chapter Material  =
+
Here you can find material related to the OWASP Switzerland Chapter.
  
Here you can find material related to the OWASP Switzerland Local Chapter.  
+
'''OWASP Switzerland bylaws (in German)'''<br> [[Media:Bylaws owasp switzerland.pdf|Download bylaws]]
  
'''OWASP Switzerland bylaws (in German)'''<br> [[Image:Bylaws owasp switzerland.pdf|Download bylaws]] <!--
+
'''OWASP Switzerland Update Presentation (December 13th 2011)'''<br> [[Media:Owasp update presentation.pdf|Download Presentation]]
= History =
 
a history text
 
-->
 
  
<headertabs />
+
<headertabs></headertabs>
  
<paypal>Switzerland</paypal> <!--
+
{| cellspacing="15"
Chapter Supporter: {{MemberLinks|link=http://www.gwu.edu|logo=Gw_stack_black.gif}}&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;  Refreshment Sponsor: [[image:Securicon.gif]]
+
|-
-->
+
| [[Image:Mailinglist_button.png|62px|link=https://groups.google.com/a/owasp.org/forum/#!forum/switzerland-chapter]]
 +
| [[Image:Meetup-logo.png|62px|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
 +
|}
  
[[Category:OWASP_Chapter]] [[Category:Switzerland]] [[Category:Europe]]
+
[[Category:OWASP_Chapter]]  
 +
[[Category:Switzerland]]  
 +
[[Category:Europe]]

Latest revision as of 21:38, 10 December 2019


OWASP Switzerland Chapter Logo

Welcome to the Home Page of the OWASP Switzerland Chapter.

  • If you want to give a talk, provide a venue or in case of other questions regarding this chapter - just ping one of our Chapter Leaders: Sven Vetsch and Robert Schneider.
  • Please join us on Meetup and/or subscribe to our (low-traffic) mailing list for meeting announcements and other news related to OWASP in Switzerland.


If you're living in the French speaking part of Switzerland, please also visit the OWASP Geneva chapter for more information.

Please see our list of upcoming meetings on Meetup:

See our planned meeting and register for them here



Please see our list of past meetings on Meetup:

See our past meeting and register for them here





Previous meetings "prior" Meetup:

Date Speaker Host Slides Event Topic
2017-08-16
Person.png
Location.png
Slides.png
Chapter Meeting Introducing the OWASP ModSecurity Core Rule Set 3.0
2016-10-04
Person.png
Location.png
Slides.png
Chapter Meeting Bug Bounty programs in Switzerland?
2016-06-07
Person.png
Location.png
Slides.png
Chapter Meeting XSSI - The Tale of a Fameless but Widespread Vulnerability
2015-12-15
Person.png
Person.png
Location.png
Slides.png
Slides.png
Chapter Meeting Top X OAuth 2 Hacks
Reliable log data transfer: about syslog, logstash and log data signing
2015-10-14
Person.png
Location.png
Slides.png
Chapter Meeting Application Security Testing by Static Code Analysis
2015-08-19
Person.pngPerson.pngPerson.pngPerson.png
Location.png
Chapter Meeting BarCamp
2015-06-17
Person.pngPerson.png
Location.png
Slides.png
Chapter Meeting XSLT Processing Security and Server Side Request Forgeries
2015-04-15
Person.png
Location.png
Slides.png
Chapter Meeting Android apps in sheep's clothing
2015-02-18
Person.png
Location.png
Slides.png
Chapter Meeting Abusing JSONP with Rosetta Flash
2014-12-10
Person.png
Location.png
Chapter Meeting OWASP Switzerland Fondue
2014-11-12
Person.png
Location.png
Slides.png
Chapter Meeting Living on the Edge - Advanced ModSecurity to Save Your Ass
2014-08-20
Person.png
Location.png
Slides.png
Chapter Meeting (Client-Side) Flash Security
2014-06-17
Person.png
Location.png
Slides.png
Chapter Meeting XSS and beyond
2014-04-09
Person.png
Location.png
Slides.png
Chapter Meeting SSL/TLS jungle - bringing light into the cipher forest
2014-02-19
Person.png
Location.png
Slides.png
Chapter Meeting S-SDLC – Ready for the Cloud?
2013-12-17
Person.png
Location.png
Chapter Meeting Annual Review & Outlook
2013-10-22
Person.png
Location.png
Slides.png
Chapter Meeting Advances in secure (ASP).NET development – Break the hacker's spirit
2013-10-22
Person.png
Location.png
Slides.png
Chapter Meeting Node.js Security
2013-04-09
Person.png
Location.png
Chapter Meeting Tools (not) to use
2012-09-19
Person.png
Location.png
Slides.png
Security-Zone OWASP Top 10 Mobile Risks
2012-06-12
Person.png
Location.png
Chapter Meeting Reversing Android Apps
2012-02-14
Person.png
Location.png
Chapter Meeting Analysis of the RSA Security Breach
2011-12-13
Person.png
Location.png
Chapter Meeting AppSec - Why is it important
2011-12-13
Person.pngPerson.png
Location.png
Chapter Meeting Dangers of Firefox Add-On's
2011-10-11
Person.png
Location.png
Chapter Meeting Presentation of the OWASP Top 10 & a hands-on session
2011-08-09
Person.png
Location.png
Chapter Meeting Foundation of OWASP Switzerland Association
2011-06-14
Person.png
Location.png
Slides.png
Chapter Meeting Automatic CRL updates for the Apache Web server
2011-06-14
Person.png
Location.png
Slides.png
Chapter Meeting New Standards and upcoming Technologies in Browser Security (Slides by Tobias Gondrom)
2011-05-12
Person.png
Location.png
Slides.png
Swiss Cyber Storm III Do you know OWASP?
2011-04-12
Person.png
Location.png
Slides.png
Chapter Meeting ASP.NET & ViewState Security
2010-04-12
Person.png
Location.png
Chapter Meeting Usability vs. Security
2010-04-12
Person.png
Location.png
Chapter Meeting 2-factor authentication for mobile devices: a secure and practical approach
2009-06-25
Jerry HoffJason Li
Location.png
Chapter Meeting Benefits of a security API such as ESAPI
2009-06-25
Person.png
Location.png
Chapter Meeting Advanced SQL injection exploitation to operating system full control
2009-04-07
Person.png
Location.png
Chapter Meeting Open security architecture (www.opensecurityarchitecture.org)
2009-04-07
Person.png
Location.png
Chapter Meeting XSRF and JSON hijacking & a hands-on session
2008-09-08
Person.png
Location.png
Chapter Meeting Quality of services for web applications (Hands-On Workshop)
2008-09-08
Person.png
Location.png
Chapter Meeting XML Security (Hands-On Workshop)
2008-09-08
Person.png
Location.png
Chapter Meeting ISC2/Application security
2008-04-01
Person.png
Location.png
Global OWASP Week Taking Apache access logs to the next level
2008-04-01
Person.png
Location.png
Global OWASP Week Implementing an Application Security Lifecycle programme
2008-04-01
Person.png
Location.png
Global OWASP Week WebAppSec the Big Picture
2007-12-11
Person.png
Location.png
Chapter Meeting Certified Secure Web
2007-12-11
Person.png
Location.png
Chapter Meeting Secure Development Life Cycle
2007-12-11
Daniel Hulliger
Location.png
Chapter Meeting Securing my Assets (Presentation & Demo)
2007-09-20
Person.png
Location.png
Security-Zone OWASP Testing Guide
2007-09-19
Person.png
Location.png
Security-Zone OWASP Top 10
2007-07-24
Person.png
Location.png
Chapter Meeting OWASP - An Overview
2007-07-24
Person.png
Location.png
Slides.png
Chapter Meeting Dependability for Java Mobile Code
2007-07-24
Person.pngPerson.png
Location.png
Chapter Meeting OWASP Top 10 (Demo)
2007-04-26
Person.png
Location.png
Chapter Meeting Risk metrics
2007-02-12
Person.png
Location.png
Slides.png
Chapter Meeting XSS-Worms
2006-11-11
Person.png
Chapter Meeting OWASP Switzerland Chapter Kick-Off Meeting

OWASP Chapter meetings are free and open. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in application security is welcome to attend. We encourage attendees to give short presentations about specific topics.


Our main topics are:

  • DevOps
  • Security testing
  • Secure development
  • Hacking
  • Secure Architectures


If you would like to give a presentation (make sure that you have read and understood the speaker agreement), or have any questions about the OWASP Switzerland Chapter, send an email to Robert Schneider.

Help us to make application security visible and become a supporter of the OWASP or our Chapter in Switzerland. All information about becoming a member/sponsor can be found here.

If your company is interested in supporting us directly, please contact Sven Vetsch to talk about the following sponsoring possibilities.

  • Chapter Supporter
  • Single Meeting Supporter
  • Facility Sponsor
  • Organization Supporters (allocating 40% of your annual donation to our Chapter)


Here you can find material related to the OWASP Switzerland Chapter.

OWASP Switzerland bylaws (in German)
Download bylaws

OWASP Switzerland Update Presentation (December 13th 2011)
Download Presentation

Mailinglist button.png Meetup-logo.png