OWASP NL Monthly Meetup

From OWASP
Jump to: navigation, search
OWASP Netherland Wiki

The OWASP Monthly Meetup is a networking opportunity to get together with your peers.

To visit OWASP - Chapter Netherlands Meetup, go here: OWASP NL @ Meetup.com

Dates / Locations:

Upcoming Meetups

June 28, 2018

https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/250034898/

18:30 - 19:00 Dinner
19:00 - 19:15 Welcome, OWASP update
19:15 - 20:00: Building a Security ‘Culture’ by Gareth O’Sullivan
20:15 - 21:00: Building secure software with OWASP tools and guides by Martin Knobloch
21:00 - Closing
Vergader Inn
Croeselaan 207
3521 BN Utrecht

Building a Security ‘Culture’ Rushing Towards Digital Transformation Breaches. Despite significant investments in security technology and processes, attackers still gain access to protected data on a regular basis. IT builds higher and higher walls around the locations where data lives but attacks persist. Mass migration to cloud computing has improved scalability, lowered costs, and freed IT from having to manage the application environment. However, this means cloud becomes a target for attackers, and it becomes more risky to store sensitive data there. BYOD makes users’ devices a target as well. Obviously from a security standpoint, the greater number of devices there are to manage, the greater the risk of attack. What to do, and where to start?

Gareth O’Sullivan Lead Technology Research Consultant at Genomics Medicine Ireland, a company helping map the Irish Genome & recently established as Managing Director of Progress Distribution Ireland a leading EMEA Cyber Security distributor. Gareth is an IT Security Executive with 20 years’ experience in the software industry, 13 of which have been security focused. Previously Snr Director of Solutions Architecture at WhiteHat Security covering EMEA plus similar roles in the past with IBM & Watchfire. Technical, Compliance and Commercially focused so enjoy engaging with technology but also like to build teams, conducting business development, sales channel development & pipeline generation.

Building secure software with OWASP tools and guides All know the OWASP TopTen, some one or more other projects. The problem is, where the wiki is good to archive the project information, it is hard to find information if you don't know what you are looking for. Therefore, only a few have a broader understanding of projects (being tools or guides) you can use in your software development lifecycle, even before, to create more secure software. This talk is highlighting various OWASP projects taking you from CISO policies, security requirements to building and secure software and verifying the security level.

Martin Knobloch is security consultant at Xebia.com. His main working area is (software) security in general, from awareness to implementation. In his daily work, he is responsible for education in application security matters, advise and implementation of application security measures. With his background in Java Development, he understands the complexity of Enterprise software development, Agile Scrum environments and continuous delivery / deployment.

September 20, 2018

https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/250034921/ TBD

Past Meetups

April 12, 2018

https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/248338412/

18:30 - 19:00 Dinner
19:00 - 19:15 Welcome, OWASP update & Inspire introduction
19:15 - 20:00: Adding Privacy by Design in Secure Application Development by Sebastien Deleersnyder
20:15 - 21:00: Smashing Ethereum Smart Contracts for Fun and ACTUAL Profit by Bernhard Mueller
21:00 - Closing
Inspire
Voetiusstraat 2
3512 JM Utrecht

Adding Privacy by Design in Secure Application Development The General Data Protection Regulation (GDPR) is coming. One monumental change is the introduction of Privacy by Design. In this presentation we will focus on the Privacy by Design (PbD) implications for developers. Two cornerstones for a successful implementation of PbD will be pitched: 1) the integration of GDPR in a Secure Development Lifecycle approach 2) threat modeling and GDPR risk patterns

Download the presentation as PDF

Sebastien Deleersnyder is Co-founder & managing partner application security at Toreon.com. Sebastien has helped various companies improve their ICT-, Web- and Mobile Security, including BNP Paribas Fortis, Atos Worldline, KBC, Nationale Nederlanden (ING), Isabel, Fluxys, OLAF, EU Council, TNT Post, Flemish Community, Agfa-Gevaert and ING Insurance International. Sebastien is the Belgian OWASP Chapter Leader, co-project leader of the OWASP SAMM project, served on the OWASP Foundation Board member (2007-2013) and performed several presentations and trainings on Web Application, Mobile and Web Services Security. Ethereum is an open software blockchain platform that enables developers to build and deploy decentralized apps. Over the past couple of years, its cryptocurrency Ether has taken the number two spot in market cap second to Bitcoin.

Smashing Ethereum Smart Contracts for Fun and ACTUAL Profit In Ethereum, state transitions are mediated by code (a.k.a “smart contracts”) running in the Ethereum Virtual Machine (EVM) which boasts a turing-complete instruction set, allowing for near-unlimited use cases including (but not limited to) crypto kitties. However, with great flexibility comes great potential for vulnerabilities. And in accordance to Murphy’s law, disaster has stricken several times, resulting in hundreds of millions worth of Ether being stolen or stuck in limbo for all eternity. In this talk, I will investigate recent incidents, and shed light on the various types of flaws that occur in Ethereum smart contracts. I’ll show how to explore the blockchain and reverse engineer smart contract binary code using Mythril, the “nmap of Ethereum”. I’ll also demonstrate the use of symbolic analysis to detect different types of vulnerabilities, including those resulting from inter-contract calls. Finally, I’ll show how to autogenerate Ethereum exploits using the Z3 solver.

Download the presentation as PDF

Bernhard Mueller is a security engineer at Consensys and a hacker with a decade-long track record. He has found dozens of zero day flaws in widely used software, published attacks on core Internet protocols, and written award-winning papers. He is also a winner of BlackHat’s “Best Research” Pwnie Award.

March 8, 2018

https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/248125406/

18:00 - 18:45 Registration & Pizzas
18:45 - 19:00 Welcome & OWASP update
19:00 - 19:15 TNO introduction
19:15 - 20:00 Faalkaart by Elger Jonker
20:00 - 20:15 Break
20:15 - 21:00 Second talk by Edwin van Andel
21:00 - 21:30 Networking and discussion
TNO
Eemsgolaan 3
Groningen

February 8, 2018

https://www.meetup.com/OWASP-Chapter-Netherlands-Meetup/events/247313273/

18:30 - Start
18:45 - Order food/dinner
19:30 - Presentation about Faalkaart by Elger Jonker.
20:30 - Meet'n' greet - Time to meet your peers!
21:00 - Closing
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

December 7, 2017

OWASP Netherlands Meetup! registration

November 9, 2017

OWASP Netherlands Meetup! registration

18:30 - Doors open / buffet (sponsored by Xebia)
19:15 - Talk:
In de Ict-industrie zit naarstig te wachten op het eigen incident dat een groot verschil gaat maken in het denken over beveiliging. De OWASP TOP-10 is het triest bewijs dat veel organisaties, maar bitter weinig leren van beveiliging. Hoe anders is dat in transport geweest toen het denken radicaal omsloeg na de ondergang van de Titanic. Gaat nu opnieuw logistiek opnieuw voor de omslag in denken zorgen of wachten we op een andere ramp? Want dat technologie juist in die industrie een alles veranderende rol staat spelen, kan tot weinig discussie leiden. En als de verandering komt hoe ziet dan de wereld eruit? Is OWASP klaar voor zo’n nieuwe situatie?
Brenno de Winter (1971) schreef zijn eerste computerprogramma op vijfjarige leeftijd en is sindsdien altijd met technologie bezig geweest. Hij is al jaren bezig met beveiliging. Tijdens zijn jaren als journalist schreef hij menig verhaal dat een fundamentele discussie startte of het nu ging over het kraken van de OV-chipkaart, Diginotar, de duizenden lekken die rond lektoner naar voren kwamen of falend beleid. Als boekenschrijver schreef hij diverse titels en werkt hij aan eend methodiek om meer ‘zeewaardig te worden’ op beveiligingsgebied.
20:15 - Meet'n' greet
Time to meet your peers!
21:30 Closing

Where:

   Xebia
   Wibautstraat 200, 1091 GS Amsterdam


October 5, 2017

OWASP Netherlands Meetup! registration

18:30 - Doors open / buffet (sponsored by Xebia)
19:15 - Talk: OWASP Global and Netherlands update
  • Looking back on the past AppSec-US
  • Looking forward to the BeNeLux-Day 2017
20:15 - Meet'n' greet
Time to meet your peers!
21:30 Closing

Where:

Xebia
Wibautstraat 200, 1091 GS Amsterdam== September 7, 2017 ==

OWASP Netherlands Meetup! registration

18:30 - Doors open / buffet (sponsored by Xebia)
19:15 - Talk: OWASP Security Knowledge Framework, 2.0
Glenn and Riccardo ten Cate will talk about the OWASP Security Knowledge Framework (SKF) and the new features of the 2.0 release
20:15 - Meet'n' greet
Time to meet your peers!
21:30 Closing

Where:

Xebia
Wibautstraat 200, 1091 GS Amsterdam

June 8, 2017

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/240446300/

18:30 - Start
19:00 - Order food
20:00 - Discussions/networking/updates
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

April 6, 2017

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/238715293/

18:30 - Start
19:00 - Order food
20:00 - Discussions/networking/updates
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

December 1, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632198/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

November 3, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632193/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

October 6, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632186/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

September 1, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632177/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

August 4, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/kkcwnlyvlbgb/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

June 2, 2016

https://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632164/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

May 12th, 2016

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228094227/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

April 7th, 2016

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228632149/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

March 3rd, 2016

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228104950/

18:30 - ? chat, brainstorming etc.
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

February 4th, 2016

Kick-Off BBQ, location to be announced to whom has registered:

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/228093822/

December 3rd, 2015

18:30 - ? chat, brainstorming etc. / bijkletsen
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

November 5th, 2015

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/226036523/

18:30 - ? chat, brainstorming etc. / bijkletsen
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

October 1st, 2015

18:30 - 19:00 walk-in / in-loop
19:00 - 19:30 announcements / aankondigingen
19:30 - ? chat, brainstorming etc. / bijkletsen
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

September 3rd, 2015

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/224672626/

18:30 - 19:00 walk-in / in-loop
19:00 - 19:30 announcements / aankondigingen
19:30 - ? chat, brainstorming etc. / bijkletsen
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/

August 6th, 2015

http://www.meetup.com/OWASP-Chapter-Netherlands-Utrecht-Meetup/events/224046536/

6:30 - 7:00 walk-in / inloop
7:00 - 7:30 kennismaking / introductions
7:30 - 8:00 aankondigingen / announcements
8:00 - 8:30 Vragen / Q & A, einde
Restaurant De Branding
Croeselaan 303
3521 BT Utrecht
030-2900299
http://www.restaurantdebrandingutrecht.nl/