Netherlands October 15th 2015

= October 15th, 2015 = Registration: http://owasp-netherlands-chapter-meeting-20151015.eventbrite.nl
 * OWASP Netherland Wiki
 * All OWASP NL Events 2015

Venue
Building R1, Room 3.46
 * Fontys Hogeschool ICT
 * Rachelsmolen 1
 * 5612 MA Eindhoven

Programme:

 * 18:00 - 18:45 Registration & Pizzas
 * 18:45 - 19:00 OWASP Netherland and Foundation Updates
 * 19:00 - 19:45 OWASP Proactive Controls - Jim Manico
 * 19:45 - 20:00 break
 * 20:00 - 20:45 OAuth (and more) - Jim Manico
 * 21:00 - 21:30 Networking

OWASP Proactive Controls
The OWASP Top Ten Proactive Controls is a list of security techniques that should be included in every software development project. They are ordered by order of importance, with control number 1 being the most important. This document was written by developers for developers to assist those new to secure development.
 * Project Wiki:[OWASP_Proactive_Controls]
 * OWASP Proactive Controls Wiki
 * [[Media:OWASP_Proactive_Controls_v1.pdf| Download the presentation as PDF]]

OAuth
OAuth is a new kind of security protocol. It's used for delegating various features from one service to another on behalf of your users. OAuth intersects with authentication and access control, let would not likely use OAuth in and of itself for authentication, session management or an access control in your applications. Even more confusing, OAuth is not in an of itself a standard and various service providers will likely have different implementations. Let's say it again, OAuth is not a standard - its a framework for delegation. So this leaves us with questions! What really is delegation? Where does OAuth fit in? How can I use OAuth in a secure fashion? These questions and more will me answered in this talk!
 * [[Media:OWASP-NL_Chapter_Meeting201501015_OAuth_Jim_Manico.pdf | Download the presentation as PDF]]

Jim Manico
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the founder of Brakeman Security, Inc. and is a investor/advisor for Signal Sciences. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. Jim is also a Global Board Member for the OWASP foundation where he helps drive the strategic vision for the organization. He is the author of "Iron-Clad Java: Building Secure Web Applications" from McGraw-Hill. For more information, see http://www.linkedin.com/in/jmanico