Ottawa

Meetings Location
Shopify: 61a York St (Above Tucker's Marketplace) Map

RSVP
Please RSVP to owasp.ottawa@gmail.com. Please include name, company and how many attendees.

Meeting Sponsor: 

Meeting schedule:

4:00-4:30 Pizza, wings and pop 4:30-5:30 Chris Pierre - Beyond Facebook: How Hackers Might Obtain Information Individual for Social Engineering attacks 5:30-5:45 Break 5:45-6:45 David Mirza Ahmed - Introducing Vega, a New Open Source Web Vulnerability Scanner

Next Meeting: May, Thursday 12th 2011
Location: Bell - 160 Elgin St, Ottawa Session 1 - Chris Pierre: Beyond Facebook: How Hackers Might Obtain Information Individual for Social Engineering attacks As the old saying goes “Know your enemy as you know yourself.” This discussion will examine several sources of publicly available information which an attacker might use to gain background information on a target for the purposes of a social engineering attack. The talk is expected to be interactive, lively and will provoke a discussion on how these systems and processes can be hardened against this type of attack.

About The Speaker Chris Pierre BA, CFE, CISSP is an Ottawa-based forensic investigation professional. Having worked with several forensic firms prior to starting Evince Services, Inc., he has experience in many types of engagements in both the private & public sectors & specializes in investigations involving the internet. Forensic engagements have included information leaks, general corporate fraud investigations, investor fraud, intellectual property cases, administrative/internal investigations, background investigations, grants & contributions fraud, corruption investigations & the provision of training on the use of the Internet as an investigative tool. Preventative engagements have included training, background due diligence & compliance consulting. Chris is an instructor at Algonquin College, the Canadian Police College, Past-President of the Ottawa Chapter of the High Tech Crime Investigators Association (HTCIA) & a member of the Ottawa Chapter of the Association of Certified Fraud Examiners. Session 2: - David Mirza Ahmed: Introducing Vega, a New Open Source Web Vulnerability Scanner

David will be presenting Vega, a new free and open source vulnerability scanner for web applications developed by Subgraph, his Montreal-based security startup. Vega allows anyone to scan their web applications for vulnerabilities such as cross-site scripting or SQL injection. Written in Java, Vega is cross-platform. It's also extensible, with a built-in Javascript interpreter and API for custom module development. Vega also includes an intercepting proxy for manual inspection of possible vulnerabilities and penetration testing.

About The Speaker David has over 10 years in the information security business. He started his professional experience as a founding member of Security Focus, which was acquired by Symantec in 2002. David also moderated the Bugtraq mailing list, a historically important forum for discussion of security vulnerabilities, for over four years. He has spoken at Black Hat, Can Sec West, AusCERT and numerous other security conferences, as well as made contributions to books, magazines and other publications. David also participated in a NIAC working group on behalf of Symantec to develop the first version of the CVSS (Common Vulnerability Scoring System) model and was an editor for IEEE Security & Privacy. His current obsession is building Subgraph, his information security startup in Montréal.

Previous Meetings
September 10th, 2009 - Justin Foster - Speaker Notes: Download Here April 6th, 2009 - Rafal Los - Speaker Notes: Download Here July 16th, 2008 - John Linehan - Speaker Notes: Download Here November 28th, 2007 - Eric Klien - Make my day