owasp london chapter meeting 30th march 2017
play

OWASP London Chapter Meeting 30th March 2017 London Chapter - PowerPoint PPT Presentation

Jul 11, 2023 •675 likes •917 views

OWASP London Chapter Meeting 30th March 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Keeping In Touch: Join the OWASP London mailing list Follow

  1. OWASP London Chapter Meeting 
 30th March 2017

  2. 
 London Chapter Chapter Leaders: • Sam Stepanyan (@securestep9) • Sherif Mansour (@kerberosmansour) 
 Keeping In Touch: 
 ➤ Join the OWASP London mailing list 
 ➤ Follow @OWASPLondon on Twitter 
 ➤ “Like” OWASPLondon on Facebook 
 ➤ Subscribe to OWASPLondon Channel on YouTube 
 ➤ Chat with #chapter-london team owasp.Slack.com

  3. 
 Agenda • Networking, pizza & drinks • Welcome and OWASP Update - Sam Stepanyan & Sherif Mansour • Heroes vs Villains: Building an Application Security Program that Scales - Kevin Delaney • Lightning Talk: Bypassing CSRF Protections: A Double Defeat of the Double-Submit Cookie - David Johansson 
 - - - - - - -- - - - - break - - - - - -- - -- - -- - -- - -- - -- - - -- - -- - - • PostMessage Security in Chrome Extensions - Arseny Reutov • Networking & Beer

  4. OWASP • We are a Global not-for-profit charitable organisation • Focused on improving the security of software • Vendor-Neutral Community • Collective Wisdom of the Best Minds in Application Security Worldwide • Provide free tools, guidance, standards • All meetings are free to attend (* free beer included )

  5. Become a Member We are all VOLUNTEERS! (45,000 worldwide)

  6. Membership $50/year!

  7. London Chapter Supporters 


  8. OWASP Corporate Members

  9. Premier Members Premier members

  10. FREE eBook Essential Node.js Security for ExpressJS Web Applications Hands-on and abundant with source code for a practical guide to Securing Node.js web applications. https://bit.ly/freenodejsbook

  11. AppSec Europe 2017 8-12 May 2017, Belfast 
 Northern Ireland

  12. Belfast,Belfast! AppSecEurope 2017 - Call For Papers is OPEN! Submit your proposals!

  13. Training @ ApPSecEU 2017 Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil - Mario Heiderich Secure coding in Java - Robert Seacord Hands-on Mobile Application Exploitation - iOS & Android - Dinesh Shetty Hands on Web Exploitation with Python - Michael Born and Fred Donovan Systematically Breaking and Fixing Single Sign-On - Vladislav Mladenov and Christian Mainka Whiteboard Hacking aka Hands-on Threat Modeling - Sebastien Deleersnyder Making & Breaking Machine Learning Systems - Anto Joseph Clarence Chio Automating your own AppSec Pipeline with Docker and Serverless Computing - Aaron Weaver and Matt Tesauro Web Application Security Essentials - Fabio Cerullo Hands-on Workshop on Security in DevOps (SecDevOps) v 2.0 - Abhay Bhargav Smart lockpicking - hands-on exploiting software flaws in IoT - Slawomir Jasek

  14. OWASP Summit 2017 


  15. SUMMIT Workshops

  16. BSIDES London BSides London 2017 Biggest Community-Driven 
 InfoSec Conferenc e 07.June.2017 ILEC Conference Centre 47 Lillie Road London SW6 1UD WE WILL BE THERE!

  17. OWASP Code Sprint 2017 Flip bits! Not burgers! Goal The OWASP Code Sprint 2017 is a program that aims to provide incentives to students to contribute to OWASP projects. By participating in the OWASP Code Sprint 2017 a student can get real life experience while contributing to an open source project. A student that successfully completes the program will receive in total $1500. Duration: 2 months of full-time engagement.

  18. Talk time Main Talks: • Kevin Delaney • David Johansson • Arseny Reutov

  19. FREE eBook Essential Node.js Security for ExpressJS Web Applications Hands-on and abundant with source code for a practical guide to Securing Node.js web applications. https://bit.ly/freenodejsbook

  20. 
 Staying in Touch 
 OWASP London Keep in Touch – get informed about future events: Join The OWASP London Mailing List: http://lists.owasp.org/mailman/listinfo/owasp-london “Like” us on Facebook 
 Follow us on Twitter @ owasplondon https://www.facebook.com/OWASPLondon Watch us on YouTube : YouTube.com/OWASPLondon 
 Slack : owasp.slack.com #chapter-london 
 OWASP London Save The Dates of Future meetings: Visit OWASP London Chapter webpage https://www.owasp.org/index.php/London 18 May 2017

  21. Present Your Talk Call For Speakers For Future Events Do you have a great Web Application Security Related Talk? 3 Tracks: • Breakers Submit the abstract of your talk and your bio to: • Defenders owasplondon @ owasp .org • Builders

  22. 
 Thank You! Speakers: 
 Hosts for this event • Telegraph Media Group • David Johansson • Kevin Delaney • Arseny Reutov All slides will be published on OWASP.ORG and video recordings will be on YouTube in a few days • Attendees (you!)

  23. Pub Time! • Networking and Drinks at 
 THE VICTORIA 
 1 Lower Belgrave Street

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 28th September 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon

381 views • 35 slides
OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 23rd November 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon

424 views • 29 slides
OWASP London Chapter Meeting 27th July 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 27th July 2017 London Chapter Chapter Leaders: Sam

OWASP London Chapter Meeting 27th July 2017 London Chapter Chapter Leaders: Sam Stepanyan (@securestep9) Sherif Mansour (@kerberosmansour) Chapter Events: Chapter Meetings at least once every 2 months Hackathon &

564 views • 32 slides
Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017

Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017

Welcome to the OWASP Toronto Meetup Hello, and happy 2018! Announcement: OWASP Top 10 2017 Changes between 2013 and 2017 Hi, I am X. How do I get into AppSec/Security? OWASP Toronto Chapter January 17, 2018 Topics Overviews, Career Paths,

372 views • 36 slides
OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation

OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation

The OWASP Foundation Libre Software Meeting Brussels 10-July-2013 http://www.owasp.org OpenSAMM Software Assurance Maturity Model Seba Deleersnyder seba@owasp.org OWASP Foundation Board Member OWASP Belgium Chapter Leader SAMM project

682 views • 43 slides
OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources

OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources

OWASP Daniel Brzozowski daniel@brzozowski.biz Agenda 1. Few words about OWASP 2. Owasp resources 3. Setting up workstations 4. OWASP WebScarab/OWASP WebScarab-NG 5. O2 Platform About me In London since October 2010 Before that MCPD, MCTS,

747 views • 58 slides
Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

OWASP Dependency-Check Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec OWASP Geneva Board State of Geneva @thhofer thomas.hofer@owasp.org Outline Context How it works / Integration

335 views • 9 slides
UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is OWASP? Open Web Application Security Project Non-profit organization focused on improving security of software. They have some GREAT info on

372 views • 9 slides
Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter

Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter

Insecurity in Informaton Technology Tanya Janca Tanya.Janca@owasp.org OWASP Otawa Chapter Leader OWASP DevSlop Project Leader @SheHacksPurple About Me The Im Qualifed Slide Tanya Janca: Applicaton security evangelist, web

1k views • 82 slides
OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place

OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place

OWASP Summit 2017 Why, how, what, where (v0.9, Jan 2017) Close your eyes Imagine a place where (some of ) the best Application Security and OWASP minds come together to collaborate and work a meeting of minds focused on solving

770 views • 37 slides
New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200

New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200

New Privacy in Android 11 and OWASP Mobile Security Albert Hsieh OWASP 200 OWASP Flagship Projects Tool Projects OWASP Amass OWASP CSRFGuard OWASP Defectdojo OWASP Dependency-Check OWASP Dependency-Track

751 views • 55 slides
OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our

OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our

OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. OWASP Foundation, NYC Chapter

382 views • 23 slides
Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me

Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me

Cookie Security Myths and Misconceptions David Johansson OWASP London 30 Nov. 2017 About Me David Johansson (@securitybits) Security consultant with 10 years in AppSec Helping clients design and build secure software Develop

613 views • 32 slides
OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com

OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com

Introduction to the OWASP Top Ten Kirk Jackson OWASP NZ RedShield https://www.meetup.com/ kirk@pageofwords.com OWASP-Wellington/ http://hack-ed.com www.owasp.org.nz Recordings: @kirkj @owaspnz https://goo.gl/a2VSG2 What is OWASP? Open

880 views • 45 slides
Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web Security Risks https://github.com/OWASP/Top10/blob/master/2017/OWASP%20Top%2010-2017%20(en).pdf Today

998 views • 78 slides
SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017

SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017

SQL Injection Attacks: A Quick Primer hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017 Rank Name 1 Injection 2 Broken Authentication 3 Sensitive Data Exposure 4 XML External Entities 5 Broken Access Control 6 Security

682 views • 8 slides
Algorithms for NLP IITP, Fall 2019 Lecture 21: Machine Translation I Yulia Tsvetkov 1 Machine

Algorithms for NLP IITP, Fall 2019 Lecture 21: Machine Translation I Yulia Tsvetkov 1 Machine

Algorithms for NLP IITP, Fall 2019 Lecture 21: Machine Translation I Yulia Tsvetkov 1 Machine Translation from Dream of the Red Chamber Cao Xue Qin (1792) English: leg, foot, paw French: jambe, pied, patte, etape Challenges Ambiguities

1.4k views • 102 slides
NOC Flash Introduction Terena TF NOC , Ljubjana Slovenia february 15- 16 2011

NOC Flash Introduction Terena TF NOC , Ljubjana Slovenia february 15- 16 2011

NOC Flash Introduction Terena TF NOC , Ljubjana Slovenia february 15- 16 2011 havard.kusslid@uninett.no NOC Manager Network infrastructure Uninett operates its infrastructure on a 15 year long IRU (irrevokable right of use) agreement with

500 views • 10 slides
VT Social Media Best Practices FAIREN HORNER, VT SOCIAL MEDIA MANAGER SUSAN GILL, VT DIRECTOR OF

VT Social Media Best Practices FAIREN HORNER, VT SOCIAL MEDIA MANAGER SUSAN GILL, VT DIRECTOR OF

VT Social Media Best Practices FAIREN HORNER, VT SOCIAL MEDIA MANAGER SUSAN GILL, VT DIRECTOR OF NEW MEDIA APRI L 1 5 , 2 01 9 THE PRIMARY VT ACCOUNTS PAGE VS. GROUP: FACEBOOK GROUPS Facebook groups are built for small group communication

1.07k views • 32 slides
CS171 Visualization Alexander Lex alex@seas.harvard.edu Design Guidelines Tasks [xkcd] Next

CS171 Visualization Alexander Lex alex@seas.harvard.edu Design Guidelines Tasks [xkcd] Next

CS171 Visualization Alexander Lex alex@seas.harvard.edu Design Guidelines Tasks [xkcd] Next Week Lecture 7: Homework 2 Design Studio Lecture 8: Interaction Guest Lecture, Jean-Daniel Fekete (INRIA) Sections: D3 & JS: Data

1.48k views • 88 slides
Microsoft Teams for Teaching Online Kiruthika Ragupathi, CDTL | Alan Soong, CDTL | Wanyun, CIT

Microsoft Teams for Teaching Online Kiruthika Ragupathi, CDTL | Alan Soong, CDTL | Wanyun, CIT

Microsoft Teams for Teaching Online Kiruthika Ragupathi, CDTL | Alan Soong, CDTL | Wanyun, CIT https://wiki.nus.edu.sg/display/cit/Microsoft+Teams+for+Teaching Workshop Plan Understanding team types Setting up your class Organising

814 views • 43 slides
Welcome to Systems Security! (SysSec) Systems Security - Spring 2020 Introductions Meet Our

Welcome to Systems Security! (SysSec) Systems Security - Spring 2020 Introductions Meet Our

Welcome to Systems Security! (SysSec) Systems Security - Spring 2020 Introductions Meet Our Team! Aibek Zhylkaidarov Dewan Islam Andrew Mavrogeorgis Jay Chen Andrew Shi Lucas Crassidis Anthony Magrene

614 views • 25 slides
Strategic Communication: From Planning to Action June 11, 2018, 2:30-3:45pm ET Welcome! We

Strategic Communication: From Planning to Action June 11, 2018, 2:30-3:45pm ET Welcome! We

Strategic Communication: From Planning to Action June 11, 2018, 2:30-3:45pm ET Welcome! We will begin shortly. While you wait, please chat in Your Name, Your Organization, and the names of anyone else on the phone line with you .

1.05k views • 79 slides
DVTS on Public Service NextCom K.K. Hisaharu Shimazu 1 Background of the Developm ent e-Japan

DVTS on Public Service NextCom K.K. Hisaharu Shimazu 1 Background of the Developm ent e-Japan

DVTS on Public Service NextCom K.K. Hisaharu Shimazu 1 Background of the Developm ent e-Japan Project Super-Fast Netw ork e-Japan Project Super-Fast Netw ork It is

609 views • 21 slides

More recommend