OWASP Netherlands Chapter Meeting October 31st, 2013 Utrecht NL

Actions and Detail Panel

Sales Ended

Event Information

Share this event

Date and Time



Surfnet, Utrecht

273 Radboudkwartier

3511 CK Utrecht


View Map

Event description


OWASP Netherlands Chapter Meeting

October 31st, 2013

RSA Europe Edition.


18:30 - 19:15 Registration & Pizza

19:15 - 20:00 Third Party Java Libraries for Secure Development - Jim Manico

20:00 - 20:15 Break

20:15 - 21:00 From the Trenches: Real-World Agile SDLC - Chris Eng & Ryan O’Boyle

21:00 - 21:30 Networking


Third Party Java Libraries for Secure Development
by Jim Manico

Do not build your own web application security controls from scratch! This presentation describes the use of several OWASP, Apache and Google open source Java projects that are essential tools to help you construct a secure web applications.

From the Trenches: Real-World Agile SDLC
by Chris Eng & Ryan O’Boyle

Ideally, all organizations would incorporate security into their Agile development processes; however, best-practices Agile SDL models typically assume a simplified, idealized model of how software is built. These models also impose impractical requirements without providing the necessary support or expertise. In reality, software development often involves multiple Agile teams working on various components of a larger product, and only the most well-resourced enterprises or ISVs have the bandwidth to execute on the ideal Agile SDL, while smaller organizations are forced to adapt and make tradeoffs.
In this session, we’ll discuss how Veracode has incorporated security into our own Agile development lifecycle for a product that involves anywhere from two to seven Scrum teams working in concert to ship monthly releases. We do this without designating any security experts full-time to the project. We’ll explain how we’ve evolved our practices to optimize the way our security research team interacts with our engineering teams and accommodates their processes. We’ll also talk about some of the lessons we’ve learned along the way, including things that haven’t worked or wouldn’t scale, and how other organizations can use our experience to integrate security practices into their own Agile development programs.

Speaker Bio's:

Jim Manico
Jim Manico is the VP of Security Architecture for WhiteHat Security, a web and application security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a 20 year history building software as a developer and architect. Jim is also a global board member for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several secure coding projects. For more information, see LinkedIn

Chris Eng
Chris Eng is Vice President of Research at Veracode. Chris is a sought after speaker at industry conferences, and has presented at events such as BlackHat, RSA, OWASP, and CanSecWest. In addition to presenting on a diverse set of application security topics, including cryptographic attacks, testing methodologies, mobile application security, and security metrics, Chris frequently comments on software security trends for media outlets worldwide. Throughout his career at organizations such as NSA, @stake, and Veracode, Chris has led projects breaking, building and defending software.

Ryan O’Boyle
Ryan O’Boyle is a Principal Security Researcher at Veracode, and a certified ScrumMaster. Prior to joining Veracode, he helped create the internal penetration testing team at Fidelity Investments, where he was focused not only on finding vulnerabilities but helping engineers fix them and avoid them altogether.


By public transport (Train)

SURFnet is within easy reach from Amsterdam Schiphol Airport. By train it takes about 30 min. From Schiphol Station (below the airport) take an intercity train (every 15 min.) in the direction of Utrecht, Eindhoven or Nijmegen. All will stop at Utrecht Central Station (Utrecht CS).

Having arrived at Utrecht Central Station, take the central station hall as your starting point, follow the signs Centrum/Hoog Catharijne and walk into the mall, keeping to the left. After about 20 metres you will see the sign Radboudburcht on the left. Walk into the corridor. You will find glass doors at the end of the corridor. Ring the bell for SURFnet to have the reception open the doors for you. Take the elevator to the fourth floor.

By car

Currently, a great deal of roads in Utrecht are being worked on. Check www.utrechtbereikbaar.nl for the latest information.

On the A2 (Amsterdam - Utrecht - Den Bosch) take the exit Utrecht-Oog in Al or Utrecht-Centrum . You are now driving on Vleutenseweg or Graadt van Roggenweg towards the city centre. Follow the signs Centrum/Station. Immediately after passing underneath the railway crossing you enter a roundabout. (You will see a police station straight across.) Exit to the right immediately. Follow the signs Hoog Catharijne .

On the A28 (Amersfoort) follow the signs Utrecht-Noord. Take the exit Veemarkthallen, turning left taking the underpass. From here, follow the signs Centrum and Hoog Catharijne. Once you are on Weerdsingel, you will enter a round-about. (You will see a police station to your left.) Turn left.

A2 and A28 continued:
After leaving the roundabout, follow the sign Station and keep to the right avoiding the underpass. After the second crossing immediately take the first street on the right, Stationsstraat. Park you car in car park P3, Radboud, which you will find on the left.

Inside the car park you can take either of the two elevators (marked as stairs on the Map Hoog Catharijne) to the shopping level. Leave the elevator and walk towards the Central Station. As you are about to enter Stationstraverse you see an office block, Radboudburcht, signposted on the right. Walk into the corridor. You will find glass doors at the end of the corridor. Ring the bell for SURFnet to have the reception open the doors for you. Take the elevator to the fourth floor.

The OWASP Netherlands Chapter is sponsored by:

OWASP Netherlands Sponsors 2013

Date and Time


Surfnet, Utrecht

273 Radboudkwartier

3511 CK Utrecht


View Map

Save This Event

Event Saved