Tampa

Next Meeting
Date:


 * Friday, December 6, 2019

Time:


 * 8:00am - 2c:00pm

Description:


 * OWASP Tampa Day 2109

Location: Registration: https://owasp-tampa-day-2019.eventbrite.com
 * Wild Rover Brewery 13921 Lynmar Blvd Tampa, FL 33626

AGENDA: Speakers Games Career Advice Networking

DESCRIPTION:

Join us for OWASP Tampa Day 2019!

Speakers:

Ryan Lindfield

Title: Packet Stunts: Zero-to-Hero DNS Power Leveling

Description: As CTO @ The Undercroft Ryan has a passion for technical enablement, community and tradecraft. This will be a fast-paced, and interactive training session with a focus on the Domain Name System. We’ll begin with a primer on standard DNS operation, validating concepts like resolution,  zone transfers, record types, ipv4, ipv6, tcp, udp, multicast and anycast. Once a solid foundation is established within the audience we’ll move into  DNS tradecraft from reconnaissance, to man-in-the-middle, authenticated DNS and various forms of encrypted DNS. Finally we’ll look into manipulation of DNS for exfiltration and tunneling. A lot of information in a small amount of time, please arrive a few minutes early & sufficiently caffeinated for best results.

Bio: Ryan Lindfield has been working with network security for over 2 decades. He holds dozens of certifications and loves sharing his knowledge of offensive and defensive networking. Ryan has served as a consultant, instructor, author, and technical editor for Cisco, HP, VCE, and other vendors, providing training to civilians and military. Savannah Lazzara

Title: From Basics to Hacking the Planet

Description: The talk will discuss Savannah’s journey into the cybersecurity industry as well showing an exploit demo. Savannah will show the audience books, platforms, and influencers that have helped in her career. The exploit demo will focus on vulnerabilities in Splunk applications.

Bio:  Savannah Lazzara is a Penetration Testing Intern at A-LIGN. She is currently attending The University of Tampa working towards a Bachelor’s Degree of Science in Cybersecurity. She currently holds the CEH and is CISM accredited. In addition, Savannah is one of the co-founders of Root@UT, a penetration testing and CTF training club, at The University of Tampa. Savannah also co-hosts Hack The Box's monthly meetups in the Tampa Bay area. BLuəf0x

Title: Modern Cars: Privacy Issues and Countermeasures

Description: Having a used car you purchased and discovering that you find someone else's information in the car including on the bluetooth and the countermeasures to use when you want to sell your car having your information in the car.

Bio:
 * US Army 9 years radio technician/satcom engineer
 * DoD and DoS contractor in tactical radio systems and secure/non-secure phone lines and phone switches
 * Pasco Hernando State College Law Enforcement Academy graduate
 * •1st Place NoQrtr CTF HackMiami 2018
 * •2nd Place NoQrtr CTF HackMiami 2019
 * •4th Place RedAlert ICS CTF DefCon 2019
 * •Speaker at BSides Puerto Rico 2019
 * •Staff volunteer at Cyber Security Forum Initiative and The Diana Initiative

Meeting Location
Location:

Wild Rover Brewery 13921 Lynmar Blvd Tampa, FL 33626

Presentation Archives
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides here

2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of "Spymaster", John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”

2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides here

2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick - Presentation Slides here

2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides here

2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides here

2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides here

OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides here

OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides here

OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis - Presentation Slides here

OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides here

OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides here

2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides here

2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides here

2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides here

OWASP Tampa Day 2013 - Securing Your Applications' Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides here

OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides here

OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides here

OWASP Tampa Day 2013 - Let's Get Right To The Endpoint - Mel Pless - Presentation Slides here

OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner - Presentation Slides here

2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides here

OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides here

OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides here

OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides here

OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides here

OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides here

2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides

2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides here

2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides here

2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides here

2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides here

OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides here

OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides here

OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides here

OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides here

2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides here

2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides here

2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman &amp; Brett McKinney - Presentation Slides here

2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides here

2010-Q2 - Stealing Guests...The VMware Way - Justin Morehouse &amp; Tony Flick - Presentation slides here

2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here

2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here

2009-Q2 - Open SAMM - Zate Berg - Presentation slides here

2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here

2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here