This event has ended

OWASP Netherlands Chapter Meeting March 13th, 2013 Nijmegen NL

OWASP Netherlands Chapter

Wednesday, March 13, 2013 from 6:30 PM to 9:30 PM (CET)

Nijmegen, Netherlands

OWASP Netherlands Chapter Meeting March 13th, 2013...

Ticket Information

Type Remaining End Quantity
OWASP Netherlands Chapter Meeting March 13th, 2013 Nijmegen   more info 6 Tickets Ended Free  

Share OWASP Netherlands Chapter Meeting March 13th, 2013 Nijmegen NL

Event Details

OWASP Netherlands Chapter Meeting

March 13th, 2013 

"The Annual OWASP Netherlands Black Hat Edition Chapter meeting"

Every year around Black Hat Europe we try to get Internationally well know speakers to talk at a Chapter Meeting. This year Colin Watson and Georgia Weidman are on the agenda!

This chaptermeeting will be about web application logging, Access Control Design and the all new OWASP Cornucopia. 


Programme:

18:30 - 19:15  Registration & Pizza

19:15 - 19:35 "Record It" - Colin Watson

19:35 - 19:40  Break

19:40 - 20:25  “The smartphone penetration testing framework”- Georgia Weidman

20:25 - 20:30  Break

20:30 - 21:00  OWASP Cornucopia - Colin Watson

21:00 - 21:30  Networking


"Record It!”

Do you know security event information should be recorded by an application? Colin Watson will outline which event properties are useful, what should be avoided and how logging can be implemented. In this short presentation, the benefits of good application logging will also be described. 

 

The smartphone penetration testing framework

As smartphones enter the workplace, sharing the network and accessing sensitive data, it is crucial to be able to assess the security posture of these devices in much the same way we perform penetration tests on workstations and servers. However, smartphones have unique attack vectors that are not currently covered by available industry tools. The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization. We will also show how to use the framework through a command line console, a graphical user interface, and a smartphone based app. Demonstrations of the framework assessing multiple smartphone platforms will be shown.

 

OWASP Cornucopia

Microsoft's Escalation of Privilege (EoP) threat modelling card game has been refreshed into a new version more suitable for common web applications, and aligned with OWASP advice and guides. "OWASP Cornucopia - Ecommerce Web Application Edition" will be presented and used to demonstrate how it can help developers identify security requirements from the OWASP Secure Coding Practices - Quick Reference Guide. 


Colin Watson

Colin Watson is an application security consultant, based in London. He is project leader for the OWASP Codes of Conduct and OWASP Cornucopia projects, wrote the Application Logging Cheat sheet, contributes to a number of other OWASP projects including AppSensor,and is a member of the OWASP Global Industry Committee.

 

Georgia Weidman

Georgia Weidman is a penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding CISSP, CEH, NIST 4011, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including Shmoocon, Hacker Halted, Security Zone, and Bsides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews. Building on her experience, Georgia recently founded Bulb Security LLC (http://www.bulbsecurity.com), a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.

Directions:

Heyendaalseweg 135, the big green building called "Huygensgebouw".

http://www.ru.nl/english/contact/how_to_get_here/

By car

Nijmegen is a city in the eastern part of the Netherlands, a mere 10 kilometres from the German border. It is located on the banks of the river Waal, the main branch of the Rhine.

By public transport

For nation-wide travel, trains are the best option. The Netherlands is a small country and has an extensive rail network, which provides frequent service and fast trains. If you come to The Netherlands by air, you can take a train from Schiphol Airport to Nijmegen. The total journey time from Schiphol to Nijmegen (including changing trains) is approximently one hour and a forty minutes.

For travel information you can check the Journey planner of the Dutch Railways or the 'Door-to-door journey planner'.

There are several city buses and intercity buses that run to Radboud University Nijmegen. Line 10 runs from Central Station directly to campus Heyendaal. Between 8 a.m. and 6 p.m. the bus departs every five minutes. After 6 p.m. the bus departs every fifteen minutes till 7 p.m and twice an hour after 7 p.m. Please check www.breng.nl/zoek-dienstregeling/690 for the most recent bus timetable (in Dutch only).

Parking

There's ample parking available at the venue. Use parking P11.

Sponsor:

Radboud University Nijmegen Logo
 

Have questions about OWASP Netherlands Chapter Meeting March 13th, 2013 Nijmegen NL? Contact OWASP Netherlands Chapter

When & Where


Radboud Universiteit Nijmegen - Institute for Computing and Information Sciences

6525 AJ Nijmegen
Netherlands

Wednesday, March 13, 2013 from 6:30 PM to 9:30 PM (CET)


  Add to my calendar

Organizer

OWASP Netherlands Chapter

OWASP Foundation is a professional association of global members and is open to anyone interested in learning more about application security. Local chapters are run independently and governed by the Chapter Leader Handbook. As a 501(c)(3) non-profit professional association.

  Contact the Organizer

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.