Skip Main Navigation
Eventbrite
Browse Events
Organize
Help
Log InSign Up
Menu
Page Content
This event has ended.

Apr

10

OWASP Netherlands Chapter Meeting April 10th, 2013 Amsterdam NL

by OWASP Netherlands Chapter

Actions and Detail Panel

Sales Ended

Date and time

Wed, April 10, 2013

6:30 PM – 9:30 PM CEST

Location

Vrije Universiteit Amsterdam - Room: M129 in the FEW building.

1085 De Boelelaan

1081 HV Amsterdam

Netherlands

View map

Description

OWASP Netherlands Chapter Meeting

April 10th, 2013

"In this Chapter meeting we will not REST until we have designed an access control mechanism to protect your web services..."


Programme:

18:30 - 19:15 Registration & Pizza

19:15 - 20:00 “Access Control Design Best Practices” – Jim Manico

20:00 - 20:15 Break

20:15 - 21:00 “RESTful services, the web security blind spot” – Ofer Shezaf

21:00 - 21:30 Networking


Access Control Design Best Practices

Access Control is a necessary security control at almost every layer within a web application.
This talk will discuss several of the key access control anti-patterns commonly found during
website security audits. These access control anti-patterns include hard-coded security
policies, lack of horizontal access control, and "fail open" access control mechanisms. In
reviewing these and other access control problems, we will discuss and design a positive
access control mechanism that is data contextual, activity based, configurable, flexible, and
deny-by-default - among other positive design attributes that make up a robust web-based
access-control mechanism.

RESTful web services, the web security blind spot

As a light weight alternative to web services, RESTful services are fast becoming a leading
technology for developing mobile applications and web 2.0 sites.
Upon first glance, RESTful services seem very different than web services and suspiciously similar
to regular web technology. The similarity of RESTful services to regular web leads to the misconception that RESTful services are secured in the same way. However, RESTful services share
many of the security risks of web services without the compensating Web Services security controls.
The presentation will describe RESTful services and their use, the complexities in protecting them
and common attack vectors that specific to REST services such as ULR embedded attacks. The
presentation concludes with a discussion of the challenges of security testing for RESTful services
and present novel approaches for automated testing of RESTful services using grey-box testing, a
method combining a client attack tool and a server based monitor.


Jim Manico

Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.

Ofer Shezaf

Ofer Shezaf is an internationally recognized application security expert. Ofer manages security solutions at HP ArcSight and prior to that managed web security research at HP Fortify and at Breach Security. Ofer is an OWASP (Open Web Application Security Project) leader, the founder of the OWASP Israeli chapter and a WASC (Web Application Security Consortium) officer. Ofer is leading the Web Application Firewall Evaluation criteria project and founded the ModSecurity core rule set project and the WASC web hacking incident database project. Ofer is blogging about the role and value of information security at www.xiom.com trying to separate myth and reality in the information security world.

Directions:

By public transport

From Amsterdam Central Station

  • Metro tram 51, direction Amstelveen Westwijk (16 minutes), stop at: De Boelelaan/VU
  • Tram 5, direction Amstelveen Binnenhof (25 minutes), stop at: De Boelelaan/VU
  • Tram 16 or 24, direction VUmc, final stop

From Station Amsterdam Zuid

  • Express tram 51 (1 minute), direction Amstelveen Westwijk
  • Tram 5 (1 minute), direction Amstelveen Binnenhof
  • It's a 10 minute walk to the VU from Station Amsterdam Zuid

By car

The A-10 Amsterdam ring road can be reached from all directions. Follow the A-10 to the Zuid/Amstelveen exit S 108. Turn left at the end of the slip road onto Amstelveenseweg: after about three hundred yards (at the VU University hospital building) turn left again onto De Boelelaan. VU University Amsterdam can be reached via city routes S 108 and S 109.

Parking

There is a limited amount of parking space around VU University Amsterdam itself in De Boelelaan, which has parking bays, and also in Karel Lotsylaan. There is paid parking on VU Amsterdam parking lot to the right of the Hospital Outpatient Clinic. There is even more parking space on the east side of Buitenveldertselaan at the junction with Willem van Weldammelaan, within 5 minutes walking distance of VU University Amsterdam. A number of parking places for the handicapped are reserved in front of the VU University Amsterdam Main Building and within its grounds.

Download the VU's visitorsguide here

Sponsor:

Vrije Universiteit Amsterdam - Faculteit der Exacte Wetenschappen



Tags

  • Netherlands Events
  • Noord-Holland Events
  • Things to do in Amsterdam
  • Amsterdam Conferences
Event ended

OWASP Netherlands Chapter Meeting April 10th, 2013 Amsterdam NL


Follow this organizer to stay informed on future events

OWASP Netherlands Chapter

Event creator

Events you might like

  • VIRTUAL TECH CONFERENCE  Amsterdam, Netherlands

    VIRTUAL TECH CONFERENCE Amsterdam, Netherlands
    VIRTUAL TECH CONFERENCE Amsterdam, Netherlands

    Wed, Nov 9, 10:00 AM
    Amstel 51 • Amsterdam
    Free
  • Steve Hofstetter in Amsterdam, Netherlands! (7:30PM)

    Steve Hofstetter in Amsterdam, Netherlands! (7:30PM)
    Steve Hofstetter in Amsterdam, Netherlands! (7:30PM)

    Sun, Oct 2, 7:30 PM
    Boom Chicago • Amsterdam
    $23.53 - $226.37
  • ZOKU AMSTERDAM .NL BRUNCH Cyber Security netherlands for foreigners 2021

    ZOKU AMSTERDAM .NL BRUNCH Cyber Security netherlands for foreigners 2021
    ZOKU AMSTERDAM .NL BRUNCH Cyber Security netherlands for foreigners 2021

    Tomorrow at 9:00 AM
    Mr Data School of Technology Campus (XADAT.NL-ICT Opleiding) • Amsterdam
    €2,098
  • CollabDays Netherlands 2022

    CollabDays Netherlands 2022
    CollabDays Netherlands 2022

    Sat, Sep 10, 9:00 AM
    Van der Valk Hotel Vianen • Vianen
    Free
  • DigiMarCon Netherlands 2022 - Digital Marketing Conference & Exhibition

    DigiMarCon Netherlands 2022 - Digital Marketing Conference & Exhibition
    DigiMarCon Netherlands 2022 - Digital Marketing Conference & Exhibition

    Thu, Sep 8, 9:00 AM
    Johan Cruijff ArenA Stadium • Amsterdam
    €147 - €997
  • xadat.nl - Starting a business in Netherlands Foreigner Metropoolgebouw

    xadat.nl - Starting a business in Netherlands Foreigner Metropoolgebouw
    xadat.nl - Starting a business in Netherlands Foreigner Metropoolgebouw

    Today at 7:00 PM
    Weesperstraat 61-105 • Amsterdam
    €49
  • Uganda Netherlands Business Convention

    Uganda Netherlands Business Convention
    Uganda Netherlands Business Convention

    Fri, Aug 26, 10:00 AM
    Executive conference Facility • Duivendrecht
    €0 - €299.99
  • DRAG FEST NETHERLANDS 2022 (All ages)

    DRAG FEST NETHERLANDS 2022 (All ages)
    DRAG FEST NETHERLANDS 2022 (All ages)

    Sun, Aug 21, 3:00 PM
    Melkweg • Amsterdam
    €32.87 - €162.23
  • IDnext '22 - The European Digital Identity (un)-conference, The Netherlands

    IDnext '22 - The European Digital Identity (un)-conference, The Netherlands
    IDnext '22 - The European Digital Identity (un)-conference, The Netherlands

    Tue, Sep 27, 9:00 AM
    DeFabrique • Utrecht
    €82.99 - €473.10
  • In-Person Cultural Trip - Tulip Time: A Netherlands & Belgium River Cruise

    In-Person Cultural Trip - Tulip Time: A Netherlands & Belgium River Cruise
    In-Person Cultural Trip - Tulip Time: A Netherlands & Belgium River Cruise

    Sun, Apr 16, 1:00 PM
    Amsterdam • Amsterdam
    Free

Site Navigation

Use Eventbrite

  • How it Works
  • Pricing
  • Event Blog

Plan events

  • Online Registration
  • Sell Event Tickets
  • Event Management Software

Find events

  • Browse Amsterdam Events
  • Get the Eventbrite App

Connect with us

  • Report This Event
  • Help Center
  • Terms
  • Privacy
  • CA Privacy Notice
  • Accessibility
  • Community Guidelines
Eventbrite + Ticketfly

© 2022 Eventbrite