OWASP BeNeLux-Days 2018



= Information =

The OWASP BeNeLux Program Committee

 * Bart De Win / Sebastien Deleersnyder/ Lieven Desmet/ David Mathy, OWASP Belgium
 * Martin Knobloch / Joren Poll, OWASP Netherlands
 * Jocelyn Aubert, OWASP Luxembourg

Tweet!
Event tag is #owaspbnl18

Donate to OWASP BeNeLux
Donate

= Registration =

OWASP BeNeLux training is reserved for OWASP members, and registration is required!
To support the OWASP organisation, we ask training attendees to consider becoming an OWASP member, it's only US$50! Check out the Membership page to find out more.

To support the OWASP organisation, consider to become a member, it's only US$50! Check out the Membership page to find out more.

= Venue =

Address
Venue:

Congres- en Erfgoedcentrum Lamot Van Beethovenstraat 8-10 2800 Mechelen Belgium

Google map



Parking:



Find your parking on Google Maps

Public transport
You can reach the Mechelen's train station from Antwerpen or Brussels. The Lamot conference center is 10 min away by bus (line 1).

Or you can choose to walk for 15 min (1.2 km).

From Brussels:
Follow the E19 Brussels / Antwerpen and take the exit 10. Follow the N1 until the R12 (take a left) and turn to the right at the "Brusselpoort" into the Hoogstraat to reach one of the parkings.

From Antwerpen:
Follow the E19 Brussels / Antwerpen and take the exit 9. Follow the N16 until the R12 (take a right) and turn to the left at the "Brusselpoort" into the Hoogstraat to reach one of the parkings.

Hotels Nearby
Hotels around the Lamot conference center

= Training Day =

Training Day is November 29th

Course Description
The course guides attendees through Linux container security in general, and progresses to advanced Kubernetes cluster security. It emphasises pragmatic threat modelling and risk assessment based on an understanding of the tools and primitives available, rather than dogmatic dos and don’ts.

Course Outline

 * How to attack containerised workloads
 * Enhanced container security
 * How to attack Kubernetes
 * Interactive production cluster hacking
 * Hardening Kubernetes
 * Locking down applications
 * Security tooling and vendor landscape

Who Should Attend
This course is suitable for intermediate to advanced Kubernetes users who want to strengthen their security understanding. It is particularly beneficial for those operating Kubernetes in a high-compliance domain, or for established security professionals looking to update their skills for the cloud native world.

Bio
Andrew has a strong test-first engineering ethos gained architecting and deploying high-traffic web applications. Proficient in systems development, testing, and maintenance, he is comfortable profiling and securing every tier of a bare metal or cloud native application, and has battle-hardened experience delivering containerised solutions to enterprise clients. He is a co-founder at https://control-plane.io

= Conference Day =

Conference Day is November 30th

Abstract
Intoducing security testing tools to a QA or developers workflow can be difficult when the tools aren't easy or intuitive to use. Even for security professionals, the friction of cumbersome security tooling can prevent them from getting the most from a tool or being effective with their time. The OWASP ZAP team is working to help enable developers, QA, and hackers alike with the ZAP Heads Up Display, a more user friendly way to engage with the security testing tool. The Heads Up Displays integrates ZAP directly in the browser providing all of the funcitonality of the tool via a heads up display. The goal is to make ZAP more accessible and enabling users, especially developers, to integrate security in their daily workflows. This talk will discuss the importance of usable tools, design tradeoffs made to improve usability, the various browser technologies powering the HUD, and how you can start hacking with a heads up display.

Bio
David Scrobonia is a part of the Security Engineering team at Segment working to secure modern web apps and AWS infrastructure. He contributes to open source in his spare time and is a core team member of the OWASP ZAP project.

= Social Event =

The Social Event is on Thursday, November 29th

If you want to join the social event, don't forget to register for it via the registration:

The social event details will be published very soon! Stay tuned.

= Sponsor =

''' Become a sponsor of OWASP BeNeLux! '''

There are 3 combined sponsorship packages (Gold, Silver or Bronze) that cover the BeNeLux chapter meetings 2019 and the BeNeLux OWASP Days 2018.

Download our sponsor brochure and contact [mailto:seba@owasp.org us] for questions or sponsorship confirmation!

Your sponsorship will be invested directly in the chapter meetings, supporting speaker and catering expenses.

The sponsorship will also be dedicated to cover the costs of the OWASP 2018 BeNeLux event.

Gold
https://www.owasp.org/images/6/67/Vest.jpg

Bronze
https://www.owasp.org/images/9/9a/Logo_Informatiebeveiliging-200.png