Belgium

= Local News =

Upcoming events
We are proud to announce the dates of the next edition of BeNeLux OWASP Day! The event will take place on 17 and 18 March 2016, in Belval Campus, in Esch-sur-Alzette - Luxembourg.

See BeNeLux OWASP Day 2016 for more details.

Presentations of the 2014 chapter meetings are online
The presentations of our 2014 chapter meetings can be downloaded from https://www.owasp.org/index.php/Belgium#tab=Chapter_Meetings

Twitter
You can also follow us on Twitter!

OWASP-BE contact list
If you want to be invited for the next OWASP Belgium Chapter meetings, please drop us your contact info.

OWASP-BE discussion mailing list
If you want to join the local chapter mailing list, please click here.

Structural Sponsors 2013/2014
OWASP Member affiliated to the Belgium chapter:



OWASP Belgium thanks its structural chapter supporters for 2013/2014 and the OWASP BeNeLux Days 2013:

https://www.owasp.org/images/e/e6/Zionsecurity.jpg https://www.owasp.org/images/5/5e/Nviso_logo_RGB_baseline_200px.png https://www.owasp.org/images/a/a2/Checkmarx.jpg

If you want to support our chapter, please contact [mailto:seba@owasp.org Seba Deleersnyder]

= Chapter Meetings =

WHEN
24 February 2015

WHERE
Hosted by iMinds-Distrinet Research Group (KU Leuven).

Both speakers are faculty of the Secure Application Development course which is held in Leuven from 10 to 14 February 2014. OWASP Members get a 10% discount to attend the course.

Address: Department of Computer Science (foyer at ground floor) Celestijnenlaan 200 A 3001 Heverlee (google maps)

Routemap: https://distrinet.cs.kuleuven.be/about/route/

PROGRAM
The agenda:
 * 18h15 - 19h00: Welcome & sandwiches
 * 19h00 - 19h15: OWASP Update (by Sebastien Deleersnyder, OWASP Belgium Board)
 * 19h15 - 20h15: Why Code Reviews and Pen-Tests Are Not Enough (by Jim DelGrosso, Cigital)
 * Abstract: Code reviews and penetration tests are excellent techniques for finding defects in software. But there is a whole class of defects that they are not good at finding - flaws. Jim will briefly talk about the differences between bugs and flaws, will describe a technique to help identify flaws, and talk about the work being done as part of the IEEE Center for Secure Design to help people avoid common flaws.
 * Bio: Jim DelGrosso is a Principal Consultant at Cigital with over 30 years of experience working for software development and consulting organizations. At Cigital, Jim heads up the Architecture Analysis practice with the mission to analyze the architecture and design of systems to identify flaws and provide our customers contextual guidance to remediate or mitigate those flaws. Jim is also the Executive Director for the IEEE Computer Society Center for Secure Design initiative.


 * 20h15 - 20h30: Break
 * 20h30 - 21h30: An analysis of exploitation behaviors on the web and the role of web hosting providers in detecting them. (by prof. Aurélien Francillon, EURECOM)
 * Abstract: Compromised websites are often used by attackers to deliver malicious content or to host phishing pages designed to steal private information from their victims. In a first part of the talk I will describe Eurecom's web honeypot, a set of deliberately vulnerable web applications that are regularly compromised by real attackers. In a second part of the talk, I will describe tests we performed on the ability of specialized monitoring services and web hosting providers to detect compromised websites and how they react to user complaints.
 * Bio:  Aurélien Francillon is an assistant professor in the Networking and Security department at EURECOM, where he is co-heading the System and Software Security group. Prior to that he obtained a PhD from INRIA and Grenoble INP and then spent 2 years as a postdoctoral researcher in the System Security Group at ETH Zurich. He is mainly interested in practical aspects of the security of embedded devices.  In this context he has worked on topics such as code injection, code attestation, random number generation, hardware support for software security, bug finding techniques as well as on broader security and privacy topics. He served in many program committees and was program co-chair of CARDIS 2013.

REGISTRATION
Please register via EventBrite: http://owasp-belgium-2015-02-24.eventbrite.com

Past Events

 * Events held in 2013
 * Events held in 2012
 * Events held in 2011
 * Events held in 2010
 * Events held in 2009
 * Events held in 2008
 * Events held in 2007
 * Events held in 2006
 * Events held in 2005

= Belgium OWASP Chapter Leaders =

The Belgium Chapter is supported by the following board:


 * Sebastien Deleersnyder, Toreon
 * Erwin Geirnaert, Zion Security
 * Philippe Bogaerts, F5
 * André Mariën, Euroclear
 * Lieven Desmet, K.U.Leuven
 * Bart De Win, PWC
 * David Mathy, Freelance

Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.