Helsinki

Local News
Welcome to the OWASP Helsinki Chapter

The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active "hands" means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki.

If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leader.

OWASP Helsinki meeting #4 Fall 2007, e.g. security & SDLC, TBD
This will take place after the Summer holiday period, maybe September. More information to follow.

Discussion regarding security in systems development: How to define requirements, design, etc. Stay tuned.

OWASP Helsinki meeting #3 Summer 2007: "SOA, Web Services & XML Security", Tuesday, June 5th 2007
Date: June 5th

Venue: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari

SPACE IS LIMITED TO 30 PEOPLE, SO PLEASE DO REGISTER BEFOREHAND (i.e. send an email to chapter leader).

19:00 Welcome

19:05 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP "XML Security Gateway Evaluation Criteria". He will discuss SOA/WS/XML security in detailed level and provide an update of his OWASP XML GW project. Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject.

19:40 "Real-life usage of OWASP tools". Alexandr Seleznyov, Nokia Product Security.

20:15 3rd presentation still open...!

20:45 Enter Bar 52... --> Enjoy (sponsored) beverages.

OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007
Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!

Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.

What are Web Application Firewalls (WAF), how do they work, what do they do and what don't they do. Discussion and sharing of experiences of various technologies and products.

'''18.30 Welcome. Mikko Saario, Chapter Leader.'''

Today's topic and agenda in short.

'''18.35 "Web Application Firewalls Technical Analysis". Joakim Sandström, CTO nSense.'''

http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf

- Technology

- Blacklisting & Whitelisting

- mod_security features

- Do's and Don'ts

'''19.30 "The Core Rule Sets". Ofer Shezaf, CTO Breach Security.'''

http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf

- WAF deployment and protection strategies

- Detection of generic web layer attacks

- Virtual patching

OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young
The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.

'''18:30 Welcome. What is OWASP and why OWASP Helsinki?'''

Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.

19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)

Olli Wiren discussed application related threats and corresponding security issues.

http://www.owasp.org/images/7/7c/Owasp-olli.pdf

19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.

There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow...