New Zealand

Upcoming Events
Events also need to be listed in the OCMS system.

27 August 2018

Meetup - OWASP New Zealand-Wellington
 * Agenda: Howdy! It's time for our bi-monthly OWASP Wellington meetup, and this time we've got a great talk from Felix Shi about deserialisation attacks. This talk is friendly for newcomers, and is suitable for any web developers to attend. If you'd like to learn more about what deserialisation is, and how it can cause issues, then please come along!
 * Location: Aura Information Security, Level 2, 117 Lambton Quay, Wellington

14 August 2018

Meetup - OWASP New Zealand-Auckland
 * Top Ten Focus: A3 - Sensitive Data Exposure
 * Technical Topic: Web Application Penetration Testing Demo
 * Location: Orion Health, 181 Grafton Road, Grafton, Auckland

2018
OWASP NZ Wellington Meetup page
 * 27 Aug 2018
 * Developer's guide to Deserialization Attack with Felix Shi
 * Video:
 * Location: Wellington
 * Presented by: Felix Shi


 * 12 June 2018

OWASP NZ Auckland Meetup page
 * Top Ten Focus: A2 - Broken Authentication
 * Technical Topic: TBC
 * Location: InternetNZ, 62 Victoria Street West, Auckland CBD, Auckland

OWASP NZ Wellington Meetup page
 * 11 June 2018
 * What are certificates? with Matt Cotterell
 * Location: Wellington
 * Presented by: Matt Cotterell


 * 10 April 2018

OWASP NZ Auckland Meetup page
 * Top Ten Focus: A1 - Injection
 * Technical Topic: OWASP Software Assurance Maturity Model (SAMM)
 * Location: Orion Health, 181 Grafton Road, Grafton, Auckland


 * 28 March 2018 OWASP NZ Christchurch Meetup page
 * CERT NZ
 * Location: Christchurch
 * Co-Sponsor: Catalyst

OWASP NZ Wellington Meetup page
 * 26 Feb 2018
 * CERT NZ - Who are we? How are websites getting hacked in real life? with Declan Ingram
 * Video:
 * Location: Wellington
 * Presented by: Declan Ingram


 * 5 Feb 2018

https://www.owasp.org/images/5/53/NZ_day_2018_web.jpg

OWASP NZ Day 2018 will be held on Monday the 5th of February 2018 at the University of Auckland School of Business.

Gold Sponsors:

2017
OWASP NZ Wellington Meetup page
 * 2 Oct 2017
 * Presentation: Same-origin policy: The core of web security
 * Video:
 * Location: Wellington
 * Presented By: Kirk Jackson

OWASP NZ Christchurch Meetup page
 * 27 Sept 2017
 * Securing your data (your business) using SQL Server 2016
 * Presented By: Anupama Natarajan
 * Location: Christchurch
 * Co-Sponsor: Catalyst

OWASP NZ Wellington Meetup page
 * 31 July 2017
 * Presentation: What is Cross-Site Request Forgery?
 * Video:
 * Location: Wellington
 * Presented By: Vales Bakaitis

OWASP NZ Christchurch Meetup page
 * 28 June 2017
 * Web Developer Quiz Night
 * Prepared and Presented By: Kim Carter
 * Details: on binarymist.io
 * Location: Christchurch
 * Co-Sponsor: Catalyst

OWASP NZ Wellington Meetup page
 * 29 May 2017
 * Presentation: Developer's Guide to Preventing XSS
 * Video:
 * Location: Wellington
 * Presented By: Felix Shi


 * 19th and 20th of April 2017

https://www.owasp.org/images/6/63/OWASP_NZ_Day_2017_logo.jpg

At the University of Auckland School of Business

Gold Sponsors:

OWASP NZ Christchurch Meetup page
 * 29 March 2017
 * PHP Hurts Programmers (and other tales)
 * Presented By: Keith Humm
 * Slides: on speakerdeck
 * Locations: Christchurch
 * Co-Sponsor: Catalyst

OWASP NZ Wellington Meetup page
 * 27 Feb 2017
 * Presentation: Building the ultimate login and signup
 * Video: Youtube
 * Location: Wellington
 * Presented By: Matt Cotterell

OWASP NZ Wellington Meetup page
 * 29 November 2016
 * Presentation: OWASP Top Ten - Developing secure web apps (PHP-flavoured)
 * Video: Youtube
 * Location: Wellington
 * Presented By: Kirk Jackson
 * In conjunction with the PHP user group Wellington

OWASP NZ Wellington Meetup page
 * 10 October 2016
 * Presentation: Introduction to Ruby on Rails security
 * Video: Youtube
 * Locations: Wellington
 * Presented By: Tim Goddard
 * Sponsor: Insomnia

OWASP NZ Christchurch Meetup page
 * 28 September 2016
 * Presentation / Demo Applying Cold War Learnings to our Daily OPSEC
 * DeadDrop: (https://deaddrop.jadeworld.com/)
 * Github: (https://github.com/phage-nz/deaddrop)
 * Chris's Blog Post: (https://bytefog.blogspot.co.nz/2015/09/burn-after-reading.html)
 * Locations: Christchurch
 * Presented By: Chris Campbell
 * Co-Sponsor: Catalyst and BinaryMist

OWASP NZ Wellington Meetup page
 * 29 August 2016
 * Presentation: Mobile app security: Intro to the OWASP Mobile Top 10
 * Video: Youtube
 * Location: Wellington
 * Presented By: Mike Haworth

OWASP NZ Christchurch Meetup page
 * 29 June 2016
 * Presentation / Demo Security Regression Testing with ZapAPI and NodeGoat
 * Teaser: (https://youtu.be/DrwXUOJWMoo)
 * Github: (https://github.com/binarymist/NodeGoat/wiki/Security-Regression-Testing-with-Zap-API)
 * Sourced From: Kims Book (https://leanpub.com/holistic-infosec-for-web-developers/read#process-agile-development-and-practices-security-regression-testing)
 * Locations: Christchurch
 * Presented By: Kim Carter
 * Co-Sponsor: Catalyst and BinaryMist

OWASP NZ Wellington Meetup page
 * 27 June 2016
 * Presentation: Introduction to using a web application firewall
 * Video: Youtube
 * Location: Wellington
 * Presented By: Graeme Neilson
 * Sponsor: RedShield

OWASP NZ Christchurch Meetup page
 * 30 March 2016
 * Presentation: Qubes OS Discussion (https://www.qubes-os.org)
 * Locations: Christchurch
 * Presented By: Craig Rowland
 * Co-Sponsor: Dimension Data and BinaryMist Limited

2016

 * 3rd and 4th of February 2016

https://www.owasp.org/images/2/23/OWASP_NZ_Day_2016_logo.jpg

At the University of Auckland School of Commerce

Gold Sponsors:

2015
OWASP NZ Christchurch Meetup page
 * 25 November 2015
 * Presentation: UAC, Governance and Managing the External Infosec Audit
 * Locations: Christchurch
 * Presented By: Drewe Hinkley
 * Co-Sponsor: Dimension Data and BinaryMist Limited

OWASP NZ Christchurch Meetup page
 * 30 September 2015
 * Two part Presentation: The Exploited and the Exploiters - Case Study of a Real Cyber Hack and Live Demo's from Kims book
 * Locations: Christchurch
 * Presented By: Salinda Lekamge and Kim Carter

OWASP NZ Christchurch Meetup page
 * 24 June 2015
 * Presentation: "Does Your Cloud Solution Look Like a Mushroom".
 * Locations: Christchurch
 * Presented By: Kim Carter.
 * Co-Sponsor: Dimension Data and BinaryMist Limited

OWASP NZ Christchurch Meetup page
 * 25 March 2015
 * Presentation: Reverse Engineering, Cracking, Compromising Software Security & Mitigations
 * Locations: Christchurch
 * Presented By: Rob Gilmour, Senior Software Engineer, Technical Support, JADE Software Corporation Ltd.
 * Co-Sponsor: Dimension Data and BinaryMist Limited


 * 26th and 27th of February 2015



At the University of Auckland Engineering Department

2014
OWASP NZ Christchurch Meetup page
 * 26 November 2014
 * Workshop: Review SSL/TLS, demo sslstrip and mitigation techniques
 * Locations: Christchurch
 * Presented By: Kevin Alcock, Security Consultant at Katipo Security
 * Co-Sponsor: Dimension Data and BinaryMist Limited

OWASP NZ Christchurch Meetup page
 * 25 September 2014
 * Workshop: Review, Exploit and Learn from Vulnerable Web App
 * Locations: Christchurch
 * Presented By: Chris Campbell, Security & Operations Consultant Jade
 * Co-Sponsor: Dimension Data and BinaryMist Limited

OWASP NZ Wellington Meetup page
 * 24 July 2014
 * Workshop: Web App Security Workshop
 * Locations: Wellington
 * Presented By: Adrian Hayes
 * Sponsor: Dimension Data

2013
Meetup Link Here
 * 19 December 2013
 * Co-Sponsor: Security-Assessment.com and Touchpoint
 * Locations: Wellington, Auckland, Christchurch, Webcast
 * Details: All details are on the meetup page above
 * Presentation: Extending Burp with Python
 * Presented By: Mike Haworth, Aura Information Security


 * 11th and 12th of September 2013



At the Auckland Business School

https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2013

OWASP Meetup page to RSVP
 * 22 May 2013
 * Co-Sponsor: Security-Assessment.com and Touchpoint
 * Locations: Wellington, Auckland, Webcast
 * Details: All details are on the meetup page above

2012
OWASP New Zealand Day 2012
 * 31st August 2012
 * Co-Sponsor: The University of Auckland, Security-Assessment.com, Aura Information Security, Insomnia Security, Lateral Security, Web Drive
 * Location: Auckland
 * Event site: OWASP New Zealand Day 2012


 * 8th May 2012
 * Co-Sponsor: Security-Assessment.com and Touchpoint
 * Locations: Wellington, Auckland
 * Presentation: An Overview and introduction to modern day BeEF
 * Presented By: Mark Piper, Insomnia Security


 * 28th February 2012
 * Co-Sponsor: Security-Assessment.com and Touchpoint
 * Locations: Wellington, Auckland
 * Presentation: Introduction to the OWASP Top Ten - Part 3
 * Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
 * Presentation: Mistaken Identity: How Not To Build A Password Reset Process
 * Presented By: Nick Freeman, Senior Security Consultant (Security-Assessment.com)

2011

 * 6th December 2011
 * Co-Sponsor: Security-Assessment.com and Touchpoint
 * Locations: Wellington, Auckland
 * Presentation: Introduction to the OWASP Top Ten - Part 2
 * Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
 * Presentation: Hardened Hosting
 * Presented By: Quintin Russ, Technical Director (SiteHost)


 * 20th September 2011
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: Introduction to the OWASP Top Ten - Part 1
 * Presented By: Nick Freeman, Security Consultant (Security-Assessment.com)
 * Presentation: Clickjacking for Shells
 * Presented By: Andrew Horton, Security Consultant (Security-Assessment.com)

https://www.owasp.org/images/0/05/OWASP_NZ_Day_2011_Logo.png
 * 7th July 2011
 * Co-Sponsor: Security-Assessment.com, The University of Auckland
 * Location: Auckland
 * Presentations: Download
 * Event site: OWASP New Zealand Day 2011


 * 2nd March 2011
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: Crazy Insecure Web Apps Google Didn't Tell You About..
 * Presented By: Adrian Hayes, Security Consultant (Security-Assessment.com)
 * Presentation: I know what you did last summer: The latest from the world of web hacks
 * Presented By: Kirk Jackson, Security Consultant (Aura Software Security)

2010
http://www.owasp.org/images/a/a7/Owasp_nz_day_2010.jpg
 * 15th July 2010
 * Co-Sponsor: Security-Assessment.com, Lateral Security, The University of Auckland
 * Location: Auckland
 * Presentations: Download
 * Event site: OWASP New Zealand Day 2010


 * 4th March 2010
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: MS-SQL Injections.
 * Presented By: Scott Bell, Security Consultant (Security-Assessment.com)

2009

 * 10th November 2009
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: Testing AMF/Flex.
 * Presented By: Nick Freeman, Security Consultant (Security-Assessment.com)
 * Presentation: "Shared Ownership", from a web security perspective.
 * Presented By: Quintin Russ, Technical Director (Site Host)

https://www.owasp.org/images/8/85/Owasp_nz_logo.jpg
 * 13th July 2009
 * Co-Sponsor: Security-Assessment.com, Lateral Security, The University of Auckland
 * Location: Auckland
 * Presentations: Download
 * Event site: OWASP New Zealand Day 2009


 * 19th March 2009
 * Co-Sponsor: Vodafone New Zealand and Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: "ActiveXploitation in 2009"
 * Presented By: Paul Craig, Principal Security Consultant (Security-Assessment.com)
 * Presentation: "Reversing JavaScript"
 * Presented By: Roberto Suggi Liverani, Senior Security Consultant (Security-Assessment.com)

2008

 * 5th November 2008
 * Co-Sponsor: Vodafone New Zealand and Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: "Common Application Flaws"
 * Presented By: Brett Moore, Network Intrusion Specialist (Insomnia Security)
 * Presentation: "In your Browser, Jackin your Clicks"
 * Presented By: Beau Butler, Security Consultant (Security-Assessment.com)
 * Presentation: "Opera Stored Cross Site Scripting"
 * Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)


 * 3rd September 2008
 * Co-Sponsor: Microsoft and Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: "Browser Security"
 * Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)
 * Presentation: "Time based blind SQL Injections"
 * Presented By: Muhaimin Dzulfakar, Security Consultant (Security-Assessment.com)


 * 25th June 2008
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: "Fuzz the Web"
 * Presented By: Dean Jerkovich, Security Analyst (ASB)
 * Presentation: "Hacking The World With Flash Part #2: The Results"
 * Presented By: Paul Crag, Principal Security Consultant (Security-Assessment.com)


 * 29th April 2008
 * Co-Sponsor: Security-Assessment.com
 * Locations: Wellington, Auckland
 * Presentation: "Hacking The World With Flash"
 * Presented By: Paul Craig, Principal Security Consultant (Security-Assessment.com)
 * Presentation: "Web Spam Techniques - also available in HTML format"
 * Presented By: Roberto Suggi Liverani, Security Consultant (Security-Assessment.com)


 * 21st February 2008
 * Co-Sponsor: Veda Advantage
 * Locations: Auckland
 * Presentation: "Xpath Injection - An Overview"
 * Presented By: Roberto Suggi Liverani, Security Consultant (Security-assessment.com)

2007

 * 5th December 2007
 * Co-Sponsor: Veda Advantage
 * Locations: Auckland
 * Presentation: "Ajax Security"
 * Presented By: Roberto Suggi Liverani, Security Consultant (Security-assessment.com)
 * Presentation: "On the job browser exploitation"
 * Presented By: Mark Piper, Senior Security Consultant (Security-assessment.com)


 * 22nd May 2007
 * Co-Sponsor: Veda Advantage
 * Press Release: VedaAdvantage.com
 * Locations: Auckland
 * Presentation: "OWASP in New Zealand"
 * Presented By: Roberto Suggi Liverani / Antonio Spera


 * April 2007
 * Co-Sponsor: Veda Advantage
 * Locations: Auckland


 * January 2007
 * Co-Sponsor: Veda Advantage
 * Locations: Auckland

Activities
OWASP New Zealand members actively participate in various OWASP activities. The following are some recent activities undertaken by OWASP NZ members:


 * Denis Andzakovic has resigned from his position as OWASP New Zealand Chapter Leader at OWASP NZ Day 2018
 * Kim Carter ran a workshop at the NYC chapter
 * Kirk Jackson stepped up to replace Adrian Hayes for Wellington from New Zealand day 2016 onwards.
 * Denis Andzakovic stepped up to replace Nick Freeman for Auckland in March 2014
 * Kim Carter came on board to lead Christchurch from New Zealand Day 2013 onwards.
 * Nick Freeman and Scott Bell have been appointed as the new leaders of the new OWASP New Zealand Chapter
 * Roberto Suggi Liverani has resigned from his position as OWASP New Zealand Chapter Leader
 * Roberto Suggi Liverani will be speaking at OWASP AppSec Asia 2009 conference
 * Roberto Suggi Liverani and Nick Freeman will be speaking at Defcon 17
 * OWASP NZ Day 2009 - Presentations online
 * Roberto Suggi Liverani and Nick Freeman will be speaking at EUSecWest 09
 * Brett Moore will be speaking at OWASP AU Conference about "Vulnerabilities In Action".
 * Roberto Suggi Liverani contributed to the OWASP Testing Guide v3.
 * Mark Piper took his "On the job browser exploitation" talk to the OWASP_Australia_AppSec_2008_Conference.
 * Rob Munro has been appointed as OWASP Evangelist
 * OWASP NZ has audio/video conference capability between Auckland and Wellington

OWASP NZ Members
We are always looking for additional board members to evangelise the OWASP mission help with meetings, projects and initiatives as we all know it takes time/effort to run a chapter. Please contact us if you are interested to join the NZ OWASP board member or for any queries related to OWASP NZ.

 
 * NZ Board Member (Leader - Auckland) [mailto:john.dileo@owasp.org John DiLeo],
 * NZ Board Member (Leader - Wellington) [mailto:kirk.jackson@owasp.org Kirk Jackson]
 * NZ Board Member (Leader - Christchurch) [mailto:kim.carter@owasp.org Kim Carter]
 * NZ Board Members (Auckland) [mailto:dionbramley@gmail.com Dion Bramley], [mailto:cwprobst@gmail.com Christian W Probst]