Difference between revisions of "Ireland-Limerick"

From OWASP
Jump to: navigation, search
Line 11: Line 11:
 
<br>'''OWASP Ireland-Limerick'''<br>Address - TBD<br><paypal>Ireland-Limerick</paypal> <br>  
 
<br>'''OWASP Ireland-Limerick'''<br>Address - TBD<br><paypal>Ireland-Limerick</paypal> <br>  
  
== OWASP Ireland Limerick 2011 Meetings ==
+
== OWASP Ireland Limerick 2012 Meetings ==
  
 
<br>  
 
<br>  
Line 17: Line 17:
 
== Next Meeting ==
 
== Next Meeting ==
 
<br>  
 
<br>  
'''When:''' 12/10/2011 7:00pm - 9:00pm
+
'''When:''' 21/02/2011 7:00pm - 9:00pm
 
<br><br>
 
<br><br>
 
'''Where:''' Limerick City Council, City Hall, Merchants Quay  
 
'''Where:''' Limerick City Council, City Hall, Merchants Quay  
 
<br><br>
 
<br><br>
This free event is open to all participants with an interest in application security. Registration is currently closed.   
+
This free event is open to all participants with an interest in application security. Registration is required: http://www.regonline.com/Register/Checkin.aspx?EventID=1065199  
 
<br><br>
 
<br><br>
 
'''For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.'''
 
'''For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.'''
Line 28: Line 28:
 
'''AGENDA'''
 
'''AGENDA'''
 
<br><br>
 
<br><br>
'''Title:''' OWASP Limerick - introduction, objectives, meeting agenda<br>
+
'''Title:''' OWASP Limerick - introduction, objectives, meeting agenda
'''Download:''' [https://www.owasp.org/images/e/e7/OWASPIreland-Limerick_20111012_-_Meeting_Agenda.ppt Meeting Agenda]
+
 
<br><br><br>
 
<br><br><br>
19:00 - 19:45<br>
+
19:05 - 19:50<br>
'''Title:''' Introduction to OWASP Top 10 Security Risks - presented by Marian Ventuneac
+
'''Title:''' '''HTML5 - A Whole New Attack Vector''' - presented by Robert McArdle 
 
<br>  
 
<br>  
'''Abstract:''' This presentation will review the OWASP Top 10 Security Risks (2010 edition) and how it can be effectively used to assess and strengthen application security.
+
'''Abstract:''' HTML5 opens up a wide and wonderful new world for Web Designers to explore - bringing fantastic new features that were previously only possible via Flash or horribly over-complicated Javascript. And HTML5 is not a future technology - chances are your favourite browser already has excellent support built in (unless you are still using IE).
 +
In this talk we will look at HTML5 from an attackers view-point. Because not only does HTML5 bring us Semantic web, editable content, inbuilt form validation, local storage, awesome video support and the long overdue death of <div> - it also opens up a host of new opportunities for attackers.
 +
We'll look at some of the troublesome new attacks that this new HTML5 standard introduces, how attackers can leverage these attacks to cause untold havoc on your machine, and how - with a little bit of help from some not so over-complicated Javascript - we can build Botnets in your Browser!
 
<br>  
 
<br>  
'''Presenter:''' [http://www.owasp.org/index.php/User:Marian_Ventuneac Marian Ventuneac]
+
'''Presenter:''' Robert is currently working as the manager of Trend Micro's Advanced Threat Research team in Europe, where he is involved in analyzing the latest malware threats, specializing in researching the future threat landscape and criminal underground. Robert is a regular presenter for the press and at security conferences. He has also written and lectures an MSc module in Malware Analysis at Cork IT and UCD, and is a trainer for several SANS qualifications. A graduate of Trinity and DCU he holds several qualifications from SANS and serves on the SANS advisory board.  
<br>
+
'''Download:''' [http://owasptop10.googlecode.com/files/OWASP_Top_10_-_2010%20Presentation.pptx OWASP Top 10 presentation]
+
 
<br><br><br>  
 
<br><br><br>  
 
19:50 - 20:00<br>
 
19:50 - 20:00<br>
'''Title:''' European Data Protection Act - presented by Ger O’Mahony
+
'''Title:''' TBA
<br>
+
'''Abstract:''' This presentation will focus on IT Governance and Data Protection Act requirements. An overview of DPA will be provided to help in assessing your organisations level of compliance. 
+
 
<br>  
 
<br>  
'''Presenter:''' Ger O'Mahony is the IT Process and Control Manager for Genworth Financial and he has been working in IT Governance for the past 7 years. In his distant past, Ger worked in the areas of software development and financial control.
+
'''Abstract:''' TBA
 
<br>  
 
<br>  
'''Download:''' [https://www.owasp.org/images/f/f8/OWASPIreland-Limerick_20111012_-_EU_Data_Protection_Act_-_An_IT_Governance_View.pptx EU Data Protection Act]
+
'''Presenter:''' TBA
 
<br><br><br>  
 
<br><br><br>  
 
20:05 - 20:45<br>
 
20:05 - 20:45<br>
'''Title:''' Practical Penetration Testing with Burp Suite - presented by Máirtín O'Sullivan
+
'''Title:''' Practical Defense with mod_security WAF - presented by Marian Ventuneac
 
<br>  
 
<br>  
'''Abstract:''' Máirtín will introduce the Burp Suite, demo the key functionality that the tool provides (both in the free and pro editions) and explain how both inexperienced and experienced application penetration testers can get the most out of the tool. This session will be a practical demonstration of the tool against sample vulnerable web applications.  
+
'''Abstract:''' Marian will introduce the mod_security Web Application Firewall (WAF). This session will be a practical demonstration of mitigating security risks for a sample vulnerable Web application.  
 
<br>
 
<br>
'''Presenter:''' Máirtín O'Sullivan is a Consultancy Team Lead within Espion Group and has over eight years of information security experience. Máirtín has performed over a hundred application penetration tests and has recently been responsible for the implementation of a secure software development lifecycle within an organisation of over twelve hundred developers.
+
'''Presenter:''' [http://www.owasp.org/index.php/User:Marian_Ventuneac Marian Ventuneac]
'''Download:''' [https://www.owasp.org/images/2/2b/OWASPIreland-Limerick_20111012_-_Practical_Penetration_Testing_with_Burp_Suite.pdf Practical Penetration Testing with Burp Suite]
+
 
<br><br><br>  
 
<br><br><br>  
'''OWASP Limerick Chapter Raffle:''' Two sponsored application security books are available for this event.  
+
'''OWASP Limerick Chapter Raffle:''' Two sponsored software development/information security books will be available for this event.  
 
<br><br><br>  
 
<br><br><br>  
 
'''Networking/Socialising''' <br><br>  
 
'''Networking/Socialising''' <br><br>  

Revision as of 18:04, 8 February 2012

OWASP Ireland-Limerick

Welcome to the Ireland-Limerick chapter homepage.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG become a Member or Annual Chapter Sponsor(s).

OWASP Ireland-Limerick Board

Should you have a question about the local chapter, would like to get more involved contact ANY of the following people below


OWASP Ireland-Limerick
Address - TBD

funds to OWASP earmarked for Ireland-Limerick.

OWASP Ireland Limerick 2012 Meetings


Next Meeting


When: 21/02/2011 7:00pm - 9:00pm

Where: Limerick City Council, City Hall, Merchants Quay

This free event is open to all participants with an interest in application security. Registration is required: http://www.regonline.com/Register/Checkin.aspx?EventID=1065199

For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.

AGENDA

Title: OWASP Limerick - introduction, objectives, meeting agenda


19:05 - 19:50
Title: HTML5 - A Whole New Attack Vector - presented by Robert McArdle
Abstract: HTML5 opens up a wide and wonderful new world for Web Designers to explore - bringing fantastic new features that were previously only possible via Flash or horribly over-complicated Javascript. And HTML5 is not a future technology - chances are your favourite browser already has excellent support built in (unless you are still using IE).

In this talk we will look at HTML5 from an attackers view-point. Because not only does HTML5 bring us Semantic web, editable content, inbuilt form validation, local storage, awesome video support and the long overdue death of
- it also opens up a host of new opportunities for attackers.

We'll look at some of the troublesome new attacks that this new HTML5 standard introduces, how attackers can leverage these attacks to cause untold havoc on your machine, and how - with a little bit of help from some not so over-complicated Javascript - we can build Botnets in your Browser!
Presenter: Robert is currently working as the manager of Trend Micro's Advanced Threat Research team in Europe, where he is involved in analyzing the latest malware threats, specializing in researching the future threat landscape and criminal underground. Robert is a regular presenter for the press and at security conferences. He has also written and lectures an MSc module in Malware Analysis at Cork IT and UCD, and is a trainer for several SANS qualifications. A graduate of Trinity and DCU he holds several qualifications from SANS and serves on the SANS advisory board.


19:50 - 20:00
Title: TBA
Abstract: TBA
Presenter: TBA


20:05 - 20:45
Title: Practical Defense with mod_security WAF - presented by Marian Ventuneac
Abstract: Marian will introduce the mod_security Web Application Firewall (WAF). This session will be a practical demonstration of mitigating security risks for a sample vulnerable Web application.
Presenter: Marian Ventuneac


OWASP Limerick Chapter Raffle: Two sponsored software development/information security books will be available for this event.


Networking/Socialising

Past Events

2011 Meetings

OWASP_Limerick_October2011

OWASP_Limerick_March_2011