Skip Main Navigation
Page Content
This event has ended

Save This Event

Event Saved

OWASP Netherlands Chapter Meeting June 20th, 2013 Amsterdam NL

OWASP Netherlands Chapter

Thursday, June 20, 2013 from 5:45 PM to 9:30 PM (CEST)

OWASP Netherlands Chapter Meeting June 20th, 2013...

Ticket Information

Type Remaining End
OWASP Netherlands Chapter Meeting: June 20th, 2013   more info 42 Tickets Ended Free  

Share OWASP Netherlands Chapter Meeting June 20th, 2013 Amsterdam NL

Event Details

OWASP Netherlands Chapter Meeting

June 20th, 2013 

OWASP European Tour 2013, Dutch Edition


17:45 - 18:15  Registration

18:15 - 18:30  Intro

18:30 - 19:15  Simon Benetts - The OWASP Zed Attack Proxy (ZAP)

19:15 - 19:30  Break

19:30 - 20:15  Eoin Keary - Needles in haystacks, we we are not solving the appsec problem & html hacking the browser, CSP is dead.

20:15 - 21:00  Steven van der Baan - Secure Coding, some simple steps help

21:00 - 21:30  Networking


The OWASP Zed Attack Proxy (ZAP)

By Simon Benetts

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.
It is also community project, being maintained by a worldwide group of volunteers and is completely free, open source and cross platform. Since its release in 2010 ZAP has gone from strength to strength and is now a flagship OWASP project.
Simon will:
    Introduce ZAP to those who have not encountered it before
    Detail the new features in the most recent releases
    Talk about the enhancements currently being worked on
    Give an overview of the 5 ZAP related Google Summer of Code 2013 projects

Needles in haystacks, we we are not solving the appsec problem & html hacking the browser, CSP is dead.

By Eoin Keary 

 "Insanity is doing the same thing over and over and expecting different results." - Albert Einstein
We continue to rely on a “pentest” to secure our applications. Why do we think it is acceptable to perform a time-limited test of an application to help ensure security when a determined attacker may spend 10-100 times longer attempting to find a suitable vulnerability? Our testing methodologies are non-consistent and rely on the individual and the tools they use. Currently we treat vulnerabilities like XSS and SQLI as different issues but the root causes it the same. – it’s all code injection theory!! Why do we do this and make security bugs over complex?
Why are we still happy with “Testing security out” rather than the more superior “building security in”?

Secure Coding, some simple steps help

By Steven van der Baan

Secure coding is often perceived as difficult and complex.
While it is true that 'good security' should be embedded into the design, there are a couple of steps a developer can take which lead to a more secure application. In this presentation we will go to the basics of secure application development and demonstrate these principles which help you build security into your application.


Speaker Bio's:

Simon Benetts

Simon Bennetts has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them.
He now works for Mozilla as part of their security team, is the OWASP ZAP project lead and has contributed to many other open source security projects.

Eoin Keary

Eoin is international board member and vice chair of OWASP, The Open Web Application Security Project (, and during his time in OWASP he has lead the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, and the OWASP Cheat Sheet Series.

Eoin is a well-known technical leader in industry in the area of software security and penetration testing, and has led global security engagements for some of the world's largest financial services and consumer products companies. He is the CTO and founder of BCC Risk Advisory Ltd an Irish company who specialise in secure application development, advisory, penetration testing, Mobile & Cloud security and training.

Steven van der Baan

Steven is a passionate Security Consultant and Software Architect, with a broad history in software development and architecture. Steven has a varied background in developing complex systems, mainly in Java. He has the capability to analyse problems and provide sound advise on possible solutions. He can also design a solution that fits the wishes of the client. Steven is determined, steadfast and critical, likes to work in teams, but is capable to work on his own. He is always willing to share his knowledge and help his colleagues. Steven follows the latest developments in the security field to keep his knowledge up to date.


By public transport (Train)

Metro station Spaklerweg
From station Metro 51 from and to Central Station
From station Metro 53 from and to Central Station
From station Metro 54 from and to Central Station
From Station CS or Amstelstation with metro to Gaasperplas, Gein or Amstelveen Westwijk/Poortwachter, get out at halte Spaklerweg and walk ca. 10 minutes.

By car

Duivendrechtsekade is in the officepark 'Amstel Business Park' and is easy accessible via Ringweg A10 (South exit S111), which gives access to the A2 (Amsterdam-Utrecht) and the A4 (Amsterdam-Schiphol-Den Haag).



The OWASP Netherlands Chapter is sponsored by:

OWASP Netherlands Sponsors 2013



Have questions about OWASP Netherlands Chapter Meeting June 20th, 2013 Amsterdam NL? Contact OWASP Netherlands Chapter

When & Where

Hogeschool van Amsterdam, Amsterdam
36 Duivendrechtsekade
1096 AH Amsterdam

Thursday, June 20, 2013 from 5:45 PM to 9:30 PM (CEST)

  Add to my calendar


OWASP Netherlands Chapter

OWASP Foundation is a professional association of global members and is open to anyone interested in learning more about application security. Local chapters are run independently and governed by the Chapter Leader Handbook. As a 501(c)(3) non-profit professional association.

  Contact the Organizer

Interested in hosting your own event?

Join millions of people on Eventbrite.

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.