Dallas

Get Connected and Stay Connected
In addition to our Mailing List we also have a Dallas OWASP Twitter Feed a Dallas OWASP Facebook Page and a Dallas OWASP Linkedin Group. We invite you to join or follow whichever groups suit you, get involved with your fellow Dallas OWASP Chapter members, and we'll keep them all up to date with the latest official news and announcements from the chapter leadership.

Click any of the links below to visit the corresponding Dallas OWASP social networking groups:

March Meeting
When: Tuesday, March 20, 2018 - 6:00 PM

Topic:  DevSecOps Unplugged

There is a confluence of forces that disrupt the ability for organizations to implement DevSecOps effectively. We continue to increase our dependence on software but teams are still relatively immature in developing securely. Our systems continue to grow exponentially complex. With IoT starting to take off, there is no clear industry vision for security these devices. Cybersecurity threats continue to rise. Even the most diligent teams find themselves subtly gaining technical debt because they are unable to do the job right.

This impact is felt across industries: telecommunications, financial, software development, transportation, and medical just to name a few. So what is our response as security professionals? We have software tools and databases like OWASP Top 10, CWE/CVE, SANS Top 25 and so on. But what we need is a set of patterns and anti-patterns on implementing DevSecOps.

Our talk will highlight what we’ve observed in conducting research from Tier 1 peer reviewed articles from 2016 to the present. We will present what seems to be emerging as a set of best practices as well as anti-patterns in DevSecOps.

Who: Vishal Asthana, CISSP has been with Security Compass for over 4 years, as a Regional Director for the company’s India Operations until mid-2017, and now our Director of Customer Solutions. He designed and co-presented SecureMe Droid app at OWASP’s flagship AppSec USA (2015). He was also OWASP Delhi Chapter’s lead for nearly 2 years. He continues to represent Security Compass in SAFECode as a member of the Technical Leadership Team. Prior to joining Security Compass, he was a part of Symantec’s central product security team as a Senior Principal Security Engineer. He possesses over 15 years of work experience in various Information Security domains, of which the past 10 years have been in Application Security.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

The Conference Center for Tollway Plaza is located on the western side of the South Tower lobby, directly across from suite 100 (Stewart Title North Texas).

https://www.meetup.com/Dallas-The-Open-Web-Application-Security-Project-Meetup/events/247992160/

The meeting food & drinks will be sponsored by Akamai.

IMPORTANT Meeting Notes:

The location is a gun-free zone. Please do not attempt to bring in any guns, holsters, ammo, etc. into their office space.

February Meeting
When: Tuesday, February 20, 2018 - 6:00 PM

Topic:  Bugs in the Blockchain and “Contractual” Vulnerability

Who: Stark Riedesel is a software security consultant working for Synopsys here in the Dallas area.

Where: Alliance Data Systems - 7500 Dallas Parkway 7th Floor, Plano, TX

Materials: [[Media:Bugs_in_the_Blockchain.pptx]]

January Meeting
When: Tuesday, January 16, 2018 - 6:00 PM

Topic:  OWASP Top 10 2017

Who: Andrew van der Stock is a Senior Principal Consultant with Synopsys.

Where: Toyota Motor North America, Inc. - 6565 Headquarters Drive · Plano

October Meeting
When: Tuesday, October 10, 2017 - 6:00 PM

Topic:  Application Security in the DevOps World

Who: Apoorva Phadke is a Senior Security Consultant at Synopsys.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

September Meeting
When: Wednesday, September 13, 2017 - 6:00 PM

Topic:  Automate All The Things

Who: Matt Konda, CEO of Jemurai. Jemurai is a consulting firm specializing in application security.

Where: Epsilon - 6021 Connection Drive, Irving, TX

August Meeting
When: Wednesday, August 15, 2017 - 6:00 PM

Topic:  Making Vulnerability Management Less Painful with OWASP DefectDojo

Who: Greg Anderson is a security professional and creator of DefectDojo

Where: Intuit

Materials: https://docs.google.com/presentation/d/1DnV-e6TWoH0YexZJpPQeRTD0eeHwWpmsSu-MRjMczwQ/edit?usp=sharing

July Meeting
When: Wednesday, July 19, 2017 - 6:00 PM

Topic:  IoT Security Landscape: Survey & Analysis

Who: Mark Szewczul, CISSP, is an IoT Security Architect at Zimperium

Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

June Meeting
When: Tuesday, June 20, 2017 - 6:00 PM

Topic:  From Hot Rodding to Hacking, Securing the Modern Automobile

Who: Art Dahnert is a Managing Consultant who has over 19 years of experience in the software industry with over 8 years Application Security experience.

Where: Toyota - 5360 Legacy Drive, Building 1, 2nd Floor, Plano, TX

Materials: [[media:Hot_Rodding_and_Hacking_v3.pdf]]

May Meeting
When: Tuesday, May 16, 2017 - 6:00 PM

Topic:  OWASP Dallas Social

Who: OWASP Dallas

Where: Dots Hop House & Cocktail Courtyard - 2645 Commerce Street, Dallas, TX (map)

April Meeting
When: Monday, April 17, 2017 - 6:00 PM

Topic:  AWS Security: Staying on Top of the Cloud

Who: Kurtis Miller is a Principal Security Consultant for NCC Group, North America.

Where: Goldman Sachs - 6011 Connection Drive, Irving, TX 75039, Dallas, TX

Materials: [[media:AWS_Security_-_Staying_on_Top_of_the_Cloud.pdf]]

March Meeting
When: Tuesday, March 21, 2017 - 6:00 PM

Topic:  Secrets Revealed: How Your Competitors are Scaling Application Security

Who: Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades.

Where: Intuit, Inc. - 5601 Headquarters Dr, Plano, TX

Materials: [[media:2017.03_OWASP_Dallas_Presentation_v5.pdf ]] (More Info)

February Meeting
When: Tuesday, February 21, 2017 - 6:00 PM

Topic:  Secure Architecture In The Land of Microservices

Who: Jack is the CEO at nVisium and focuses on building solutions to make security and education scale in fast-paced software development organizations.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: [[Media:Microservice_Security.pdf]]

January Meeting
When: January 17 - 6:00 PM

Topic:  Helping Developers Embrace Security with OWASP Tools

Who: Joseph Konieczka is a Lead Technology Solutions Specialist on the Remedy on Demand infrastructure team at BMC Software.

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

November Meeting
When: Tuesday, November 8, 2016 - 5:30 PM

Topic:  Privacy Preserving Big Data Analytics

Who: Hassan Takabi is Assistant Professor of Computer Science and Engineering at the University of North Texas, Denton, TX, USA.

Where: Epsilon - 6021 Connection Drive, Irving, TX

October Meeting
When: Monday, October 17, 2016 - 5:30 PM

Topic:  NoSQL: "No Injections" or "No Security"?

Who: Stark Riedesel is a Security Consultant for Cigital, an industry leader in application security.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

September Meeting
When: Monday, September 19, 2016 - 5:30 PM

Topic:  Web Attacker’s Toolkit: An in depth analysis of RFI in the wild

Who: Tony Lauro is a Lead Sr. Enterprise Security Architect for Akamai's Web Security division.

Where: Akamai - 15950 Dallas Parkway, Dallas, TX

August Meeting
When: Tuesday, August 16, 2016 - 5:30 PM

Topic:  OWASP Dallas August Social

Who: Dallas OWASP Community

Where: Braindead Brewing - 2625 Main St, Dallas, TX

July Meeting
When: Tuesday, July 19, 2016 - 5:30 PM

Topic:  Pen Testing with Powershell

Who: Rajganesh Pandurangan is a Lead Managing Consultant at US Bank and the creator of Web Application Exploitation Distro (http://www.waed.info)

Where: 6011 Connection Drive, Irving, TX 75039, Dallas, TX - Goldman Sachs

Materials: [[Media:OWASP-pentest-with-powershell.pptx]]

June Meeting
When: Tuesday, June 21, 2016 - 5:30 PM

Topic:  Web App Testing Stats Compared to The OWASP Top 10

Who: Joel Scambray is a Principal at Cigital.

Where: 8000 Dominion Pkwy, Plano, TX - Capital One

Materials: [[Media:Cigital_Top10_DallasOWASP-062116.pdf]]

May Meeting
When: Tuesday, May 17, 2016 - 5:30 PM

Topic:  Can we do better than Passwords?

Who: Dr. Girish Chiruvolu, CISSP, CISM is Director, Information security and Risk Management at Thomson Reuters, Carrollton TX.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

Materials: [[Media:OWASP_May17th_Password-less-logins.pdf]]

April Meeting
When: Tuesday, April 19, 2016 - 5:30 PM

Topic:  OWASP Happy Hour

Who: OWASP Dallas Members

Where: Humperdinks NW Highway - 2208 W Northwest Hwy, Dallas, TX

March Meeting
When: Tuesday, March 15, 2016 - 5:30 PM

Topic:  Integrating Security into the Software/System Development Life Cycle (SDLC) Process—Myths and Facts

Who: Rick Brunner is an Assistant Faculty member at Collin College and is an active member of Collin’s Cyber Security Advisory Board.

Where: Epsilon - 6021 Connection Drive, Irving, TX.

Materials: [[Media:March_2016_OWASP_-_Secure_SDLC_Presentation_and_Related_Material.zip]]

February Meeting
When: Wednesday, February 17, 2016 - 5:30 PM

Topic:  DNS Attack Vectors

Who: John Devasia is a Senior Product Manager in the Cloud Security BU at Akamai Technologies.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

January Meeting
When: Tuesday, January 19, 2016 - 5:30 PM

Topic:  Bountiful Bugs and DRM Breakage

Who: Dave Ferguson is a Solution Architect at Qualys and has been a specialist in Application Security since 2006.

Where: 6011 Connection Drive, Irving, TX 75039 - Goldman Sachs.

November Meeting
When: Tuesday, November 17th, 2015 from 5:30 PM – ?:?? PM

Topic:  OWASP Dallas Happy Hour

Where: Mexican Sugar at Shops at Legacy - 7501 Lone Star Drive, Suite 8150, Plano, TX

October Meeting
When: Wednesday October 7th, 2015 from 11:30 AM – 1:00 PM

Topic:  Anatomy of a Logic Flaw

Who: Charles Henderson is the Vice President of Managed Security Testing at Trustwave.

Where: 6011 Connection Drive, Irving, TX 75039.

September Meeting
When: Thursday September 17th, 2015 from 5:30PM – 6:30 PM

Topic:  Application Security Trends

Who: Stephen Pasco is a Vice President of Application Risk at Goldman Sachs

Where: 6011 Connection Drive, Irving, TX 75039.

May Meeting
When: Wednesday May 6, 2015 from 11:30 AM – 1:00 PM

Topic:  The Future of Mobile Payments: Secure Mobile Architecture

Who: Denis M. Sheridan is a Managing Consultant at Cigital.

Where: North Lake College Central Campus, 5001 North MacArthur Boulevard, Irving, Texas 75038, Room: A-215

October Meeting
When: Wednesday October 1, 2014 from 11:30 AM – 1:00 PM

Topic: Succeeding with Enterprise Software Security Key Performance Indicators

Who: Rafal Los, Director, Office of the CISO

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

March Meeting
When: Wednesday March 5, 2014 from 11:30 AM – 1:00 PM

Topic:  OWASP Dallas basic Python tutorial

Who: Matt Parsons, CISSP MSM

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

September Meeting
When: Wednesday September 11, 2013 from 11:30 AM – 1:00 PM

Topic:  PCI Mobile Payment Acceptance Security Guidelines for Developers

Who: Ralph Spencer Poore, Director, Emerging Standards at PCI Security Standards Council

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Slides: [[Media:Dallas OWASP 9-11-2013.pdf]]

May Meeting
When: Wednesday May 8, 2013 from 11:30 AM – 1:00 PM

Topic:  Implementation Patterns for Software Security Programs

Who: Dan Cornell, Principal, Denim Group

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map

February Meeting
When: Wednesday February 6, 2013 from 11:30 AM – 1:00 PM

Topic:  Using Webappsec Vulns to Break Censorship

Who: Robert Hansen, a.k.a. rsnake

Where: Richland College, 12800 Abrams Road, Dallas, TX 75243, Room: Sabine Hall: SH117

Map