Belgium

Local News
Belgium

Coming up: a new season of Belgium chapter meetings!

Chapter Board
The BeLux Chapter is supported by the following board: Our goal is to professionalize the local OWASP functioning, provide in a bigger footprint to detect OWASP opportunities such as speakers/topics/sponsors/… and set a 5 year target on: Target audiences, Different events and Interactions of OWASP global – local projects.
 * Erwin Geirnaert, Zion Security
 * Philippe Bogaerts, NetAppSec
 * André Mariën, Inno.com
 * Lieven Desmet, K.U.Leuven
 * Joël Quinet, Telindus
 * Sebastien Deleersnyder, Telindus

Structural Sponsors 2008
OWASP BeLux would like to thank the following organizations for sponsoring this chapter. If you are interested in sponsoring the BeLux chapter please contact seba 'at' deleersnyder.eu.

http://www.owasp.org/images/7/7e/50px-F5_50px.jpg http://www.owasp.org/images/b/b3/Telindus.jpg http://www.owasp.org/images/e/e6/Zionsecurity.jpg http://www.owasp.org/images/9/93/Radarsec.jpg

Special Luxembourg sponsor:

http://www.owasp.org/images/8/82/Rad_logo.gif

WHEN
Monday, November 17th, 2008 (18h00pm-21h00pm)

WHERE
Location is sponsored by Isabel

adres: Industriezone Zenneveld A. Vaucampslaan 42 1654 Huizingen Google Maps Link

PROGRAM
The agenda:


 * 18h00 - 18h30: Welcome & Refreshments
 * 18h30 - 19h00: OWASP Update (by Sebastien Deleersnyder, OWASP Belgium)
 * 19h00 - 20h00: Building a tool for Security consultants: A story of a customized source code scanner  (by Dinis Cruz, OWASP)
 * Presentation + discussion:details to follow.
 * Dinis Cruz Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development. Dinis is also Chief OWASP Evangelist!


 * 20h00 - 21h00: Logging: not just a good idea (by Eddy Vanlerberghe)
 * Presentation + discussion: During the design and implementation of applications, logging is often not considered to be a vital factor in the overall security, but merely one of the tools of the trade used by developers so that runtime errors can easily be traced to their root cause in the application source. As a result, lack of decent security logs usually becomes clear when they are needed the most: when an incident has occurred. Incidents where logging plays a crucial role could be disputes over whether or not a customer issued a certain transaction (non-repudiation), intruders have compromised bank accounts (forensic investigation) or even foil an ongoing attack when suspicious traffic is being registered (e.g. lock out IP addresses of suspected attackers) This presentation will handle different aspects of what constitutes secure application logging: what to log, when to log, access to log information etc.
 * Eddy Vanlerberghe has extensive experience as a developer. He has been involved in development of commercial Internet Web applications since 1996. In 1999 he joined the company Netvision, which was first renamed to Ubizen and even later the company became Cybertrust. In 2007 the company was acquired by VerizonBusiness. Mr. Vanlerberghe was part of the development teams for security related products like ETS Multisecure, EasyPayment and the web application level firewall DMZShield. Since 2005 he has been part of the Application Security team where he was involved in all aspects of application security.

REGISTRATION
Please send a mail to Belgium 'at' owasp.org if you plan to attend, so we can size the venue appropriately and keep you updated on last-minute changes.

WHEN
Thursday, October 23rd, 2008 (18h00pm-21h00pm)

WHERE
Location was sponsored by RealDolmen

adres: Industriezone Zenneveld A. Vaucampslaan 42 1654 Huizingen Google Maps Link

PROGRAM
The agenda:


 * 18h00 - 18h30: Welcome & Refreshments
 * 18h30 - 19h00: OWASP Update (by Sebastien Deleersnyder, OWASP Belgium)
 * 19h00 - 20h00: Building a tool for Security consultants: A story of a customized source code scanner  (by Dinis Cruz, OWASP)
 * Presentation + discussion:
 * Dinis Cruz Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development. Dinis is also Chief OWASP Evangelist!


 * 20h00 - 21h00: Logging: not just a good idea (download) (by Eddy Vanlerberghe)
 * Presentation + discussion: During the design and implementation of applications, logging is often not considered to be a vital factor in the overall security, but merely one of the tools of the trade used by developers so that runtime errors can easily be traced to their root cause in the application source. As a result, lack of decent security logs usually becomes clear when they are needed the most: when an incident has occurred. Incidents where logging plays a crucial role could be disputes over whether or not a customer issued a certain transaction (non-repudiation), intruders have compromised bank accounts (forensic investigation) or even foil an ongoing attack when suspicious traffic is being registered (e.g. lock out IP addresses of suspected attackers) This presentation will handle different aspects of what constitutes secure application logging: what to log, when to log, access to log information etc.
 * Eddy Vanlerberghe has extensive experience as a developer. He has been involved in development of commercial Internet Web applications since 1996. In 1999 he joined the company Netvision, which was first renamed to Ubizen and even later the company became Cybertrust. In 2007 the company was acquired by VerizonBusiness. Mr. Vanlerberghe was part of the development teams for security related products like ETS Multisecure, EasyPayment and the web application level firewall DMZShield. Since 2005 he has been part of the Application Security team where he was involved in all aspects of application security.

Past Events

 * Events held in 2008
 * Events held in 2007
 * Events held in 2006
 * Events held in 2005