This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Pune"

From OWASP
Jump to: navigation, search
(Past Events/Archives)
Line 5: Line 5:
 
= '''Upcoming Meeting/Event(s)''' =
 
= '''Upcoming Meeting/Event(s)''' =
  
December 2015 meet on '''17th December, 2015 () 5.00 pm to 6.00 pm -  IST'''
+
January 2016 meet on '''21st January, 2015 () 5.00 pm to 6.00 pm -  IST'''
  
 
'''Note''' – OWASP Pune chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.  
 
'''Note''' – OWASP Pune chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.  
  
For '''Registration''' please visit - https://docs.google.com/forms/d/1hAdZn7JFFbzZQ6HJa-iQ6QL9eA43iZKkrxoaBVpUVus/viewform
+
For '''Registration''' please visit - https://docs.google.com/a/owasp.org/forms/d/1hAdZn7JFFbzZQ6HJa-iQ6QL9eA43iZKkrxoaBVpUVus/viewform
  
 
'''Session Details/Agenda:'''
 
'''Session Details/Agenda:'''
 
----------------------
 
----------------------
'''5.00 pm to 6.00PM:''' CICD - Continuous integration, continuous development by Mahesh Saptarshi/ Rohit Pitke
+
'''5.00 pm to 6.00PM:''' SECURITY TRAINING/CERTIFICATIONS AND ITS CHALLENGES by Sadik Shaikh
  
In the present scenario of rapid product development, CICD (continuous integration, continuous deployment), and always-available e-retail, banking and social media services it is imperative that security assurance practices also scale up to the shorter timelines.
+
When it comes to information security, you only read the headlines to observe that those with malicious intent constantly find new and scary ways to access and misuse privileged information for criminal, unscrupulous or questionable purposes.
  
While we know that tools and automation is the way to go, running different tools, collating the reports, filing the evidences for audits and assuring management and auditors of the security preparedness of the deployment is still not scalable to weekly deployments, let alone daily and hourly roll outs.
+
As a result, IT professionals skilled in information security remain in very high demand and should do so for the foreseeable future. There are number of certifications linked with security but how to know which is best for us is always a challenge.
  
Mahesh will demonstrate a security automation framework where this problem is addressed through separating the tool running intelligence from the report parsing and orchestration. It serves two purposes:
+
When evaluating prospective InfoSec candidates, employers frequently look at certifications as one of the measure of excellence and commitment to quality. In this talk, speaker take a look at top InfoSec certifications and security training. If you're serious about advancing your career in the IT field and are interested in specializing in security, certification is a good bet. It's an effective way to validate your skills and show a current or prospective employer that you're qualified and properly trained.
1. Periodic and predictable (baseline) tool runs for trend analysis
 
2. Rapid integration framework to add more and more tools without the entire team learning the new tools, and protecting "institutional learning".
 
  
This also allows for collecting the security assurance related data in a single place so the data analysis (eventually this will be Big Data) to be performed independent of the tools and targets
+
Speaker will also share knowledge about various security attacks and mitigation techniques.
  
 +
You will also get to know the opportunities where an individual can enhance his skills by participating in bug bounties and other programs. There will be deep dive in explaining the exact difference between Vulnerability Assessment and Penetration Testing.
  
'''When:''' 17th December, 2015 (Thursday) - 5.00 PM to 6.00 PM IST  
+
'''About speaker:'''
 +
Mr. Sadik Shaikh is a Technology Evangelist at ARIZONA Infotech, He has conducted more than 137 successful pentest projects.He is listed in Hackers Hall Of Fame for 23 companies.He is associated with numerous government and private organisations in Information Security and Cyber Forensics since past eight years. He carries a robust technical experience in VAPT for Network, Cloud, Scada, Mobile, and Web Applications.
 +
He is on EC Council's CAST, ECSA/LPT and CEH Review Board Committee Member.He is MPhil, MBA(I.T), MCA, PG Diploma in Cyber Security, PG Diploma in Forensics Science and pursuing PhD in Cyber Security.He is certified for CCNA, CCNA Security, MCP, MCSA, MCSE, SCJP, CCI, CEI, CEH, ECSA, CHFI, CAST 611, CAST 612, ISO 27001:2013. He actively works with DRDO, National Defence Academy, Pune Police, CID and ATS – Maharashtra.
 +
 
 +
'''When:''' 21st January, 2016 (Thursday) - 5.00 PM to 6.00 PM IST  
  
 
'''Where:'''  
 
'''Where:'''  
PTC Software Pvt. Ltd.
+
505, A-Wing, MCCIA Trade Tower,ICC Complex,403, Senapati Bapat Road,Pune-411 016 INDIA.
Marisoft complex, Kalyani Nagar, Wadgoan Shery
 
Pune 122001
 
 
 
  
  

Revision as of 06:14, 19 January 2016

OWASP Pune

Welcome to the Pune chapter homepage. The chapter leader is Ashwini Paranjpe


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


<paypal>Pune</paypal>

January 2016 meet on 21st January, 2015 () 5.00 pm to 6.00 pm - IST

Note – OWASP Pune chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.

For Registration please visit - https://docs.google.com/a/owasp.org/forms/d/1hAdZn7JFFbzZQ6HJa-iQ6QL9eA43iZKkrxoaBVpUVus/viewform

Session Details/Agenda:


5.00 pm to 6.00PM: SECURITY TRAINING/CERTIFICATIONS AND ITS CHALLENGES by Sadik Shaikh

When it comes to information security, you only read the headlines to observe that those with malicious intent constantly find new and scary ways to access and misuse privileged information for criminal, unscrupulous or questionable purposes.

As a result, IT professionals skilled in information security remain in very high demand and should do so for the foreseeable future. There are number of certifications linked with security but how to know which is best for us is always a challenge.

When evaluating prospective InfoSec candidates, employers frequently look at certifications as one of the measure of excellence and commitment to quality. In this talk, speaker take a look at top InfoSec certifications and security training. If you're serious about advancing your career in the IT field and are interested in specializing in security, certification is a good bet. It's an effective way to validate your skills and show a current or prospective employer that you're qualified and properly trained.

Speaker will also share knowledge about various security attacks and mitigation techniques.

You will also get to know the opportunities where an individual can enhance his skills by participating in bug bounties and other programs. There will be deep dive in explaining the exact difference between Vulnerability Assessment and Penetration Testing.

About speaker: Mr. Sadik Shaikh is a Technology Evangelist at ARIZONA Infotech, He has conducted more than 137 successful pentest projects.He is listed in Hackers Hall Of Fame for 23 companies.He is associated with numerous government and private organisations in Information Security and Cyber Forensics since past eight years. He carries a robust technical experience in VAPT for Network, Cloud, Scada, Mobile, and Web Applications. He is on EC Council's CAST, ECSA/LPT and CEH Review Board Committee Member.He is MPhil, MBA(I.T), MCA, PG Diploma in Cyber Security, PG Diploma in Forensics Science and pursuing PhD in Cyber Security.He is certified for CCNA, CCNA Security, MCP, MCSA, MCSE, SCJP, CCI, CEI, CEH, ECSA, CHFI, CAST 611, CAST 612, ISO 27001:2013. He actively works with DRDO, National Defence Academy, Pune Police, CID and ATS – Maharashtra.

When: 21st January, 2016 (Thursday) - 5.00 PM to 6.00 PM IST

Where: 505, A-Wing, MCCIA Trade Tower,ICC Complex,403, Senapati Bapat Road,Pune-411 016 INDIA.


Join our low traffic mailing list for events information and technical discussions

Delhi JoinEmailList.jpg Subscribe to OWASP Pune Mailing list


Follow @OWASPdelhi for event updates on Twitter

Twitter-bird-cropped-onwhite-40%smaller.png OWASP Pune Twitter Account


Join our LinkedIn group for event updates on LinkedIn

Delhi linkedin.jpg OWASP Pune LinkedIn Group

OWASP Pune November, 2015 Monthly Meeting Presentations
- OWASP top 5 issues by Manish Dussad and Sumita Uday