This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Tampa"

From OWASP
Jump to: navigation, search
m (ssss)
 
(229 intermediate revisions by 8 users not shown)
Line 1: Line 1:
== Welcome to the OWASP Tampa Local Chapter ==
+
{{Chapter Template|chaptername=Tampa|extra=Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.
  
<paypal>Tampa</paypal>
+
We have a mailing list at: https://groups.google.com/a/owasp.org/d/forum/tampa-chapter
  
Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.
+
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:
 +
* [mailto:jon.singer@owasp.org Jonathan Singer] - Co-Leader
 +
* [mailto:sunny.wear@owasp.org Sunny Wear] - Co-Leader
 +
* Nestor Torres - Chapter Coordinator
 +
* Charlie Marval - Chapter Coordinator
  
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa
+
The Tampa chapter is sponsored by:
 +
We are looking for sponsors!
  
If you have any questions about the Tampa chapter, please send an email to the chapter leader [mailto:justin.morehouse@gmail.com Justin Morehouse].
+
Join the OWASP Tampa LinkedIn group [https://www.linkedin.com/groups/2897535/profile here].  
  
The Tampa chapter is currently looking for a sponsor. Please email the chapter leader if you are interested in emailing the Tampa chapter.
+
Join the OWASP Tampa Facebook group [https://www.facebook.com/owasptampa/ here].
  
== Local News ==
+
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.
 +
|mailinglistsite=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter
 +
=https://groups.google.com/a/owasp.org/d/forum/tampa-chapter
 +
}}
  
We're looking for a venue to hold our first meeting. I've discussed ideal locations with a number of interested people, and we came up with Ybor, Downtown, or New Tampa so that we can be central to folks from all of the area counties. If you are interested in offering up some space, please send an email to [email protected]. We'll need room for 10-20 people and a projector, if possible.
+
== Next Meeting  ==
  
Everyone is welcome to join us at our chapter meetings.
+
Date:
  
== Next Meeting ==
+
* Friday, February 7, 2020
  
Our next meeting (and first for that matter) will be held on '''Wednesday, November 19, 2008''' from '''6:30 PM to 9:00 PM'''. The meeting will be held at the [http://www.kforce.com Kforce] building in Ybor. The address is:
+
Time:
  
[http://maps.google.com/maps?f=q&hl=en&geocode=&q=1001+East+Palm+Ave.+Tampa,+FL+33605&ie=UTF8&ll=27.962812,-82.449324&spn=0.008642,0.01899&z=16&g=1001+East+Palm+Ave.+Tampa,+FL+33605&iwloc=addr 1001 East Palm Ave. Tampa, FL 33605]
+
* 11:30am - 1:00pm
  
Park in the Visitor spaces in the main parking lot that is off of East Palm Avenue. You will need to identify yourself at the security desk and ask how to get to Training Room B.
+
Description:
  
We are still looking for our speaker. If you are interested in speaking or have an interest in a specific topic, email the [http://lists.owasp.org/mailman/listinfo/owasp-Tampa Mailing List].
+
* OWASP Tampa Q1 Lunch and Learn Meeting 2020
  
[[Category:OWASP Chapter]]
+
Location:
 +
* '''SecureSet Academy''' 1915 N Avenida Republica de Cuba #3622
 +
Tampa, FL 33605
 +
Registration: https://owasp-tampa-chapter-q1-lunch-n-learn-2020.eventbrite.com
 +
 
 +
AGENDA:
 +
  Announcements 
 +
  Speaker
 +
 
 +
 
 +
DESCRIPTION:  
 +
 
 +
Join us for OWASP Tampa Q1 Lunch and Learn!
 +
 
 +
'''Speaker:'''
 +
 
 +
'''Mila Paul'''
 +
 
 +
Title: SECURE YOUR SPRING BOOT APP WITH SPRING SECURITY AND OAUTH 2.0
 +
 
 +
Description: 
 +
PART 1: INTRODUCTION TO SECURITY IN WEB APPS (WHY DO I CARE) AND SPRING SECURITY
 +
 
 +
PART 2: BUILD APP WITH SPRING SECURITY OAUTH2 AND TEST IT
 +
 
 +
PART 3: OTHER OPTIONS WITH SPRING SECURITY
 +
 
 +
Bio: Mila Paul is adjunct faculty in Computer and Cyber Sciences and also has courses for certificates for secure web development and blockchain on Openclassrooms.com and Amesite.com. Her interest in cybersecurity began in her work as a defense contractor in the Middle East for twelve years. Now she enjoys teaching, blockchain startups and music production.
 +
 
 +
 
 +
== Presentation Archives  ==
 +
 
 +
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides [[:File:Dev Sec Ops 2019-03.pdf|here]]
 +
 
 +
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”
 +
 
 +
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides [https://www.owasp.org/images/4/4b/Red_Team_Operating_in_a_Modern_Environment.pdf here]
 +
 
 +
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides [https://www.owasp.org/images/b/bd/OpenSAMM_Overview.pdf here]
 +
 
 +
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides [https://www.owasp.org/images/e/ef/OWASP_Tampa_-_02_19_2016_-_AppSec_Pipeline.pdf here]
 +
 
 +
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides [https://www.owasp.org/images/d/d3/Care_%26_Feeding_of_Programmers_-Addressing_App_Sec_Gaps_with_Headers.pdf here]
 +
 
 +
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides [http://www.slideshare.net/gpsec/secure-session-management here]
 +
 
 +
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides [https://www.owasp.org/images/b/b8/OTD_2014_-_Shadow-IT-Shady-FINAL.pdf here]
 +
 
 +
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides [https://www.owasp.org/images/0/06/OTD_2014_-_OMF_GPS.pdf here]
 +
 
 +
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides [https://www.owasp.org/images/c/cb/OTD_2014_-_OWASPTop10forMVC.pdf here]
 +
 
 +
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides [https://www.owasp.org/images/4/42/OTD_2014_-_owasp-mobile.pdf here]
 +
 
 +
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides [https://www.owasp.org/images/0/05/InternDown4What_edit.pdf here]
 +
 
 +
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides [https://www.owasp.org/images/3/34/Do_we_really_know_the_OWASP_Top_10.pdf here]
 +
 
 +
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides [https://www.owasp.org/images/f/fc/Herding_Cats_-_OWASP%2C_Tampa_3-12-2014.pdf here]
 +
 
 +
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides [https://www.owasp.org/images/c/c2/TheEnemyWithin.pdf here]
 +
 
 +
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides [https://www.owasp.org/images/b/b7/Securing_your_Applications_%26_Data_With_Web_Application_Firewalls.pdf here]
 +
 
 +
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides [https://www.owasp.org/images/e/e2/Bring_Your_Own_Service.pdf here]
 +
 
 +
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides [https://www.owasp.org/images/4/47/Design_considerations_and_Guiding_Principles_for_Implementing_Cloud_Security.pdf here]
 +
 
 +
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides [https://www.owasp.org/images/e/e5/Let%E2%80%99s_Get_Right_To_The_Endpoint.pdf here]
 +
 
 +
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides [https://www.owasp.org/images/2/2f/Vulnerability_Management_That_Works.pdf here]
 +
 
 +
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]
 +
 
 +
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides [https://www.owasp.org/images/0/04/OWASP_Changing_the_Game_-_Jason_Kent.pdf here]
 +
 
 +
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides [https://www.owasp.org/images/a/a4/Zenprise_Technical_Presentation_-_Keith_Katz.pdf here]
 +
 
 +
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides [https://www.owasp.org/images/7/78/Federated_Identities_in_the_Real_World_-_Nathan_Sargent.pdf here]
 +
 
 +
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/8/8a/Define_and_Optimize_Your_Approach_to_Application_Security_-_Bruce_Jenkins.pdf here]
 +
 
 +
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides [https://www.owasp.org/images/a/a1/Anonymous_-_Lessons_Learned_-_Bill_Church.pdf here]
 +
 
 +
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides [https://www.owasp.org/index.php/File:DBN-OWASP_Presentation.pdf here]
 +
 
 +
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides [https://www.owasp.org/images/8/86/HowNotToBuildAndroidApps2.pdf here]
 +
 
 +
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides [http://www.slideshare.net/mascasa/behind-enemy-lines-practical-triage-approaches-to-mobile-security-abroad here]
 +
 
 +
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides [https://www.owasp.org/images/2/28/Hiding_in_Plain_Sight.pdf here]
 +
 
 +
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides [https://www.owasp.org/images/6/67/PCI_Compliance_9_2011.pdf here]
 +
 
 +
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides [https://www.owasp.org/images/f/f7/OTD2011-TH.pdf here]
 +
 
 +
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides [https://www.owasp.org/images/a/aa/OTD2011-RR.pdf here]
 +
 
 +
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides [https://www.owasp.org/images/1/12/OTD2011-BJ.pdf here]
 +
 
 +
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides [https://www.owasp.org/images/8/8c/OTD2011-SK.pdf here]
 +
 
 +
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides [http://www.owasp.org/images/3/3b/TampaOWASP_March2011.pdf here]
 +
 
 +
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides [http://www.owasp.org/images/a/ae/Intel_pen_owasp_Q1_2011.pdf here]
 +
 
 +
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides [http://www.owasp.org/images/f/fa/Vulnerability_Scanning_in_an_IPv6_World.pdf here]
 +
 
 +
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides [http://www.scribd.com/doc/41173753/Nessus-Bridge-for-Metasploit here]
 +
 
 +
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides [http://www.fyrmassociates.com/pdfs/Stealing_Guests_The_VMware_Way-ShmooCon2010.pdf here]
 +
 
 +
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides [http://www.stratumsec.net/sites/default/files/Stratum%20Security-The%20New%20World%20of%20Smartphone%20Security-Shmoocon%202010.pdf here]
 +
 
 +
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides [http://www.owasp.org/images/d/df/HackingTheSmartGrid-OWASP_Tampa.pdf here]
 +
 
 +
2009-Q2 - Open SAMM - Zate Berg - Presentation slides [https://www.owasp.org/images/c/c3/Software_Assurance_Maturity_Model.pdf here]
 +
 
 +
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides [https://www.owasp.org/images/b/bb/BlackHat-DC-09-Flick-XAB_Slides.pdf here]
 +
 
 +
2008-Q4 - Google Code Search&nbsp;: The pitfalls of Copy/Paste - Tony Flick - Presentation slides [https://www.owasp.org/images/5/5b/GoogleCodeSearch.pdf here]
 +
 
 +
[[Category:OWASP_Chapter]]
 +
[[Category:United States]]
 
[[Category:Florida]]
 
[[Category:Florida]]

Latest revision as of 16:45, 8 January 2020

OWASP Tampa

Welcome to the Tampa chapter homepage. Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

We have a mailing list at: https://groups.google.com/a/owasp.org/d/forum/tampa-chapter

If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:

The Tampa chapter is sponsored by: We are looking for sponsors!

Join the OWASP Tampa LinkedIn group here.

Join the OWASP Tampa Facebook group here.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Next Meeting

Date:

  • Friday, February 7, 2020

Time:

  • 11:30am - 1:00pm

Description:

  • OWASP Tampa Q1 Lunch and Learn Meeting 2020

Location:

  • SecureSet Academy 1915 N Avenida Republica de Cuba #3622

Tampa, FL 33605 Registration: https://owasp-tampa-chapter-q1-lunch-n-learn-2020.eventbrite.com

AGENDA:

 Announcements  
 Speaker
 

DESCRIPTION:  

Join us for OWASP Tampa Q1 Lunch and Learn!

Speaker:

Mila Paul

Title: SECURE YOUR SPRING BOOT APP WITH SPRING SECURITY AND OAUTH 2.0

Description:  PART 1: INTRODUCTION TO SECURITY IN WEB APPS (WHY DO I CARE) AND SPRING SECURITY

PART 2: BUILD APP WITH SPRING SECURITY OAUTH2 AND TEST IT

PART 3: OTHER OPTIONS WITH SPRING SECURITY

Bio: Mila Paul is adjunct faculty in Computer and Cyber Sciences and also has courses for certificates for secure web development and blockchain on Openclassrooms.com and Amesite.com. Her interest in cybersecurity began in her work as a defense contractor in the Middle East for twelve years. Now she enjoys teaching, blockchain startups and music production.


Presentation Archives

2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides here

2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”

2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides here

2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides here

2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides here

2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides here

2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides here

OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides here

OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides here

OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides here

OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides here

OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides here

2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides here

2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides here

2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides here

OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides here

OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides here

OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides here

OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides here

OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides here

2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides here

OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides here

OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides here

OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides here

OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides here

OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides here

2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides here

2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides here

2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides here

2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides here

2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides here

OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides here

OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides here

OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides here

OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides here

2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides here

2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides here

2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman & Brett McKinney - Presentation Slides here

2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides here

2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse & Tony Flick - Presentation slides here

2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here

2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here

2009-Q2 - Open SAMM - Zate Berg - Presentation slides here

2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here

2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here