Difference between revisions of "Brisbane"

From OWASP
Jump to: navigation, search
(Chapter Meetings)
 
(9 intermediate revisions by 2 users not shown)
Line 12: Line 12:
 
== Chapter Meetings  ==
 
== Chapter Meetings  ==
  
'''Next Brisbane Chapter Meeting - Wednesday April 10, 2013'''
+
'''Next Brisbane Chapter Meeting - Tuesday August 18, 2015'''
  
In April's meeting, Ben Waugh's presentation will be on the topic "How does an organisation embed a secure development life-cycle into a highly distributed (both physically and structurally) software development environment comprising hundreds of developers?".
+
In August's meeting, David Jorm will present on the topic "Red Star OS".
  
Since joining the security industry from a software development background, Ben has worked in the financial services industry advising to projects on a range of security issues as well as developing and implementing various technologies to improve detection of malicious or fraudulent activity. However, he has most enjoyed his role driving development of an application security program from the ground up. In his spare time he dabbles in a number of security (and non-security) software projects, including the BeEF framework.
+
Red Star OS is the North Korean Linux distribution of choice. Originally discovered by a Russian exchange student in Pyongyang, several versions have now been leaked. Red Star includes several interesting packages, including what looks like an anti-virus program. Analysis of the most recent leaked release shows that while it looks like AV - since it is intercepting file read/write hooks - it is far more sinister. The package is in fact fingerprinting certain files when they are read and viewed, allowing state security agents to construct an audit log of who viewed and distributed "illicit" media, such as regime-destroying South Korean soap operas. This presentation will briefly describe the offending package and community analysis efforts, and then explore the implications for North Korea's regime and security apparatus in detail.
  
Ben will present how to use a number of OWASP tools, including OpenSAMMM, ZAP as well as some home-grown initiatives, to win over developers and management as part of a lightweight and agile application security program.
+
David has been involved in the software industry for the last 15 years, with a focus on security. By day, he manages product security for IIX, as well as several open source projects such as OpenDaylight and ONOS. By night, he indulges his horrible fascination with North Korea, and has been quoted by a major newspaper as saying the North Korean nuclear program is "ready to rock".
  
Please note that the meeting is on WEDNESDAY night, instead of the usual Tuesday. 
 
  
  
Line 27: Line 26:
 
''Time:'' 5:30pm for a 6pm start.  Lifts to Level 1 will be locked after 6pm.  Please arrive before then!   
 
''Time:'' 5:30pm for a 6pm start.  Lifts to Level 1 will be locked after 6pm.  Please arrive before then!   
  
''Date:'' Wednesday 10th April
+
''Date:'' Tuesday 18th August
  
 
''Close:'' Session is expected to be completed by 7:30pm.  
 
''Close:'' Session is expected to be completed by 7:30pm.  

Latest revision as of 17:40, 9 August 2015

OWASP Brisbane

Welcome to the Brisbane chapter homepage. The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

funds to OWASP earmarked for Brisbane.

Local News

Presenters and Presentations

We are forever looking for volunteers to present at the chapter meetings, so if you've seen something interesting or you have something to say, please let us know.

Often, when we approach potential presenters, we tend to get the following response – “I don’t think my topic is interesting enough”. We just want to stress that as long as the topic is security related – we’re all ears! We’re just a bunch of nice people wanting to learn/share our knowledge of the security domain. So if you would like to present or know of someone that does, please contact us.

Presentations must be vendor agnostic (no selling of products or services), and please review the Speaker Agreement linked above.

Chapter Meetings

Next Brisbane Chapter Meeting - Tuesday August 18, 2015

In August's meeting, David Jorm will present on the topic "Red Star OS".

Red Star OS is the North Korean Linux distribution of choice. Originally discovered by a Russian exchange student in Pyongyang, several versions have now been leaked. Red Star includes several interesting packages, including what looks like an anti-virus program. Analysis of the most recent leaked release shows that while it looks like AV - since it is intercepting file read/write hooks - it is far more sinister. The package is in fact fingerprinting certain files when they are read and viewed, allowing state security agents to construct an audit log of who viewed and distributed "illicit" media, such as regime-destroying South Korean soap operas. This presentation will briefly describe the offending package and community analysis efforts, and then explore the implications for North Korea's regime and security apparatus in detail.

David has been involved in the software industry for the last 15 years, with a focus on security. By day, he manages product security for IIX, as well as several open source projects such as OpenDaylight and ONOS. By night, he indulges his horrible fascination with North Korea, and has been quoted by a major newspaper as saying the North Korean nuclear program is "ready to rock".


Venue: Red Hat Offices, Level 1, 193 North Quay, Brisbane.

Time: 5:30pm for a 6pm start. Lifts to Level 1 will be locked after 6pm. Please arrive before then!

Date: Tuesday 18th August

Close: Session is expected to be completed by 7:30pm.

RSVP: There are limited seats. Please RSVP at http://owasp-brisbane.eventbrite.com


There will be a social gathering at a local hostelry afterwards. Everyone is welcome to attend!

Brisbane OWASP Chapter Leaders

The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm