Welcome to the Tampa chapter homepage. Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.
We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa
If you have any questions about the Tampa chapter, please send an email to the chapter leaders via the above mailing list:
Join the OWASP Tampa LinkedIn group here.
A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Date: September 30th, 2016
Time: 11:30am - 1:00pm
Description: Join us for a Lunch & Learn session scheduled for Friday, September 30th from 11:30am to 1:00pm! Food and a fantastic presentation will be provided. Please RSVP to reserve your spot today! Speaker details will be announced soon.
Food Sponsor: ARCCorp
Red Team Operating in a modern environment: Learning to live off of the land - Jonathan Echavarria
Description: It's not 2006 anymore, modern enterprises typically have powerful and varied defenses in place, or at least that's what they want you to believe. From network protections to advanced host based protections, you'll learn how these protections are typically deployed in an enterprise, and why they aren't doing anywhere near as much as they should be, and understand how to see these tools from a red team perspective.
Speaker Bio: Jonathan Echavarria works as a Red Team Operator for ReliaQuest, an IT Security Services company based out of Tampa, Florida. His areas of focus are offensive operations, malware and exploit development.
12470 Telecom Drive #400
Temple Terrace, FL 33637
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides here
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides here
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides here
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides here
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides here
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides here
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides here
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides here
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides here
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides here
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides here
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides here
OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides here
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides here
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides here
OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides here
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides here
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides here
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides here
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides here
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides here
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides here
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides here
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides here
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides here
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides here
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides here
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides here
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides here
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides here
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides here
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides here
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides here
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides here
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman & Brett McKinney - Presentation Slides here
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides here
2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse & Tony Flick - Presentation slides here
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here
2009-Q2 - Open SAMM - Zate Berg - Presentation slides here
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here
2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here