Difference between revisions of "Perth Australia"

From OWASP
Jump to: navigation, search
Line 10: Line 10:
 
== Upcoming OWASP Meeting ==
 
== Upcoming OWASP Meeting ==
  
A special joint event between [http://www.aisa.org.au/index.php?page=96 Perth's AISA chapter] and the OWASP Perth chapter.
+
=== Title: TBA ===
  
=== Threat Modelling in the Software Development Lifecycle ===
+
==== About the presenter ====
 +
Wade Alcorn is a Principal Security Consultant for NGSSoftware working in all aspects of computer security. He has managed one the largest penetration testing teams in the UK and is currently involved within management in NGS Australia. His technical experience over the past 10 years has ranged from developing/designing PKI and military messaging software, to managing large scale penetration assessments.
 +
 
 +
Wade has developed various publicly available security tools in areas including browser exploitation frameworks, RFID and BlueTooth. He has produced and presented professional hacking courses for financial and government organisations.
 +
 
 +
Wade has also published leading papers on emerging threats within Information Security. These have included papers on Inter-protocol Exploitation and Cross-site Scripting Viruses. His Cross-site Scripting Virus paper was the first research to warn of the serious impact this threat would have on the Internet.
 +
 
 +
'''Date: Wednesday, 11 March 2009'''
 +
'''Location: Edith Cowan University, Mt Lawley'''
 +
'''Time: 5:30pm'''
 +
'''RSVP: by 9 March 2009 to [mailto:david.taylor@bankwest.com.au David Taylor]'''
 +
 
 +
== Previous OWASP Meetings ==
 +
 
 +
=== Threat Modelling in the Software Development Lifecycle (Feb 2009) ===
  
 
One of the most important concepts being promoted in the security industry is security in the software development lifecycle. This concept is important due to two primary factors:
 
One of the most important concepts being promoted in the security industry is security in the software development lifecycle. This concept is important due to two primary factors:
Line 18: Line 32:
 
* It is also recognised that the cost of mitigating vulnerabilities increases later in the lifecycle.
 
* It is also recognised that the cost of mitigating vulnerabilities increases later in the lifecycle.
 
By walking through a case study I hope to demonstrate the effectiveness of addressing risk during the earlier stage of the software development lifecycle, and that these activities are not solely the responsibility of the "security guy", but all participants in a software project including the project manager, business stakeholders and software designer.
 
By walking through a case study I hope to demonstrate the effectiveness of addressing risk during the earlier stage of the software development lifecycle, and that these activities are not solely the responsibility of the "security guy", but all participants in a software project including the project manager, business stakeholders and software designer.
=== About the presenter ===
+
==== About the presenter ====
 
Christian Frichot is currently employed by Bankwest working within the Security Consulting Services team. His core responsibilities include phishing and online fraud response, security assessments, information risk assessments and other ad-hoc information security consulting. Christian hopes to spend more time in '09 focusing on education and application security, where he feels more effort needs to be applied.
 
Christian Frichot is currently employed by Bankwest working within the Security Consulting Services team. His core responsibilities include phishing and online fraud response, security assessments, information risk assessments and other ad-hoc information security consulting. Christian hopes to spend more time in '09 focusing on education and application security, where he feels more effort needs to be applied.
  
'''Date: Tuesday, 10 February 2009'''
+
-Updated 4/03/09 by [mailto:xntrik@gmail.com Christian Frichot]
'''Location: The Ernst & Young Building, 11 Mounts Bay Rd'''
+
'''Time: 5:15pm'''
+
'''RSVP: by 05 February 2009 to [mailto:perth@aisa.org.au perth@aisa.org.au]'''
+
 
+
-Updated 23/01/09 by [mailto:xntrik@gmail.com Christian Frichot]
+
  
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
 
[[Category:Australia]]
 
[[Category:Australia]]

Revision as of 19:36, 3 March 2009

Contents

OWASP Perth, Western Australia

Welcome to the Perth, Western Australia chapter homepage. The chapter leaders are:

Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

funds to OWASP earmarked for Perth Australia.


Upcoming OWASP Meeting

Title: TBA

About the presenter

Wade Alcorn is a Principal Security Consultant for NGSSoftware working in all aspects of computer security. He has managed one the largest penetration testing teams in the UK and is currently involved within management in NGS Australia. His technical experience over the past 10 years has ranged from developing/designing PKI and military messaging software, to managing large scale penetration assessments.

Wade has developed various publicly available security tools in areas including browser exploitation frameworks, RFID and BlueTooth. He has produced and presented professional hacking courses for financial and government organisations.

Wade has also published leading papers on emerging threats within Information Security. These have included papers on Inter-protocol Exploitation and Cross-site Scripting Viruses. His Cross-site Scripting Virus paper was the first research to warn of the serious impact this threat would have on the Internet.

Date: Wednesday, 11 March 2009
Location: Edith Cowan University, Mt Lawley
Time: 5:30pm
RSVP: by 9 March 2009 to David Taylor

Previous OWASP Meetings

Threat Modelling in the Software Development Lifecycle (Feb 2009)

One of the most important concepts being promoted in the security industry is security in the software development lifecycle. This concept is important due to two primary factors:

  • It is generally recognised that by shifting security activities closer towards the requirements gathering stage, or the design stage, that less vulnerabilities will make their way into the production systems.
  • It is also recognised that the cost of mitigating vulnerabilities increases later in the lifecycle.

By walking through a case study I hope to demonstrate the effectiveness of addressing risk during the earlier stage of the software development lifecycle, and that these activities are not solely the responsibility of the "security guy", but all participants in a software project including the project manager, business stakeholders and software designer.

About the presenter

Christian Frichot is currently employed by Bankwest working within the Security Consulting Services team. His core responsibilities include phishing and online fraud response, security assessments, information risk assessments and other ad-hoc information security consulting. Christian hopes to spend more time in '09 focusing on education and application security, where he feels more effort needs to be applied.

-Updated 4/03/09 by Christian Frichot