Vancouver

OWASP Vancouver Chapter Meeting July 22, 2010 (Second Meeting of 2010)
Time: Thursday, July 22, 2010 @ 5:30pm

 Location Sierra Systems 1177 West Hastings Street, Suite 2500 Vancouver, BC V6E 2K3

http://maps.google.ca/maps?f=q&source=s_q&hl=en&geocode=&q=1177+West+Hastings+Street,+vancouver,+bc&sll=49.891235,-97.15369&sspn=31.271973,90.263672&ie=UTF8&hq=&hnear=1177+W+Hastings+St,+Vancouver,+Greater+Vancouver+Regional+District,+British+Columbia+V6E+3Y9&z=16

We are pleased to announce our second meeting of 2010! As previously announced on the mailing list, we will have the meeting on July 22nd, and Martin Kyle of Sierra Systems has offered to host the meeting.


 * First Topic : Risk Assessment Methodologies - Erasmus Dong - High level presentation on risk management and risk assessment methodologies with focus on OWASP Threat Risk Modeling.
 * Fifteen minute break
 * Second Topic : Cloud Technologies and Risks - Yvan Boily - Brief overview of cloud technologies, and a discussion of some of the key areas of risk.
 * Discussion of how to grow the chapter, and future areas of interest.

About Erasmus Dong:

A new member of the Vancouver OWASP community, Erasmus has been working in information technology for over a decade in areas of operations, infrastructure, and information security risk in government and financial services.

About Yvan Boily:

Yvan Boily works for a global Financial Institution and was the former chapter lead for the Winnipeg chapter of OWASP. He has worked in various roles in IT Security, primarily focused on Application Security and Security Testing. Working for the last 8 years in IT Security, Yvan has held roles in provincial government, independent contracting, and as a consultant for a dedicated IT security firm.

OWASP Vancouver Chapter Meeting January 20, 2009
Time: Monday April 27, 2009 starting at 5:30 p.m.

 Location Deloitte & Touche LLP (downtown office) 2800 - 1055 Dunsmuir Street 4 Bentall Centre Vancouver British Columbia

Vancouver Map/Carte

Agenda:

5:30 to 5:45 PM Introductions 5:45 to 6:15 PM Cross Site Scripting XSS & Cross Site Request Forgery CSRF by Mark Lane 6:15 to 6:30 PM Q&A session

Approximately 10 people attended.

OWASP Vancouver Chapter Meeting January 20, 2009
Time: January 20th, 2009 at 6:00 p.m.

 Location Deloitte & Touche LLP (downtown office) 2800 - 1055 Dunsmuir Street 4 Bentall Centre Vancouver British Columbia

Vancouver Map/Carte

Agenda:

6:00 to 6:15 PM Introductions 6:15 to 6:45 PM Presentation "Real Experiences in developing a Secure Development Life Cycle" from Stephen Charles 6:45 to 7:00 PM Q&A session

Approximately 10 people attended.

OWASP Vancouver Chapter meeting January 21, 2008
Time: January 21, 2008 6:30 p.m. to 7:30 p.m.

 Location Business Objects 910 Mainland Street Vancouver BC, Canada  V6B 1A9

For the January meeting of the OWASP Vancouver chapter we have a very interesting presentation from Michael Weider, Founder and CTO of IBM Watchfire. Michael will provide insights into the latest trends in application security, what is the threat and what best practices are companies employing to address this growing threat.

The session will be held on January 21st starting at 6:30 p.m.

Please contact Mauro Addari at [mailto:mauro.owasp@live.ca Mauro] to register

OWASP Vancouver Chapter meeting November 29, 2007
Location:  Business Objects Main office Attendance:  Rodrigo, Rui, Zenko, Russ, Mauro The meeting started with an introduction of the OWASP group and its objectives: goals and projects that OWASP is leading. There are various open source projects that the OWASP team has been a part of, namely, the OWASP top ten list of vulnerabilities; CLASP ( a guideline for companies to address security issues in their products ); GOAT ( practice your hacking skills on their machines); Web Scarab; plus other scanning/hacking tools. We then introduced the OWASP Vancouver chapter: lately the chapter has been a little be dormant and all the presents agreed to provide help to revamp the chapter. The objective of the OWASP Vancouver chapter is to promote web application security and security awareness in the community. In the fall off 2007 the Vancouver chapter reached into the other Vancouver security and technical groups. Some groups as for example SIG Security and Vantug have been interested to hear more about OWASP and the asked for presentations. More presentation can be done to these groups in the next year. We all agree that reaching into Vancouver groups is an important goal for the OWASP Vancouver chapter. Another goal of the group is to facilitate some technical discussion and presentation on the security field. Some of the topics of interest are the following: We've also discussed the possibility to promote OWASP in the community and other groups and to capturing new membership through social sites such as Tazzu.com and meetup.com. The next meeting is planned for the end of January
 * Honeypot;
 * Vulnerabilities;
 * Secure Development LifeCycle;
 * Hands on seminar using various security/pen tools;
 * Wireless security;
 * Http and basic encryption;
 * Forensic;
 * Law and enforcement in security;
 * International security groups like CISSP or SANS.

OWASP Chapter Meeting May 30th 5:30pm - 7:00pm
Attendance:
 * Neil (PDB Security)
 * Chris (Sxip Identity)
 * Mauro (Business Objects)

Introductions

 Ideas for new members?
 * Chris to lead web page
 * Mauro to contact other local security groups (ISACA, ISSA, CIPS Security Special Interest Group)
 * Neil to arrange speakers
 * Group to invite friends :)

Future Speakers
 * Topics of interest: fuzzing, risk modeling (CLASP), other risk methodologies, cryptography, web services, tools

Other ideas?
 * Goals of the chapter: grow, cross-pollination of ideas in app. sec. space, evangelize app sec!
 * Chatted about compliance standards.
 * Chatted about info sec. vs app. sec. as a whole.