Difference between revisions of "Scotland"

From OWASP
Jump to: navigation, search
(Local News)
Line 3: Line 3:
 
== Local News ==
 
== Local News ==
  
'''Next Meeting'''
+
'''Next Meeting - Cancelled (See [https://lists.owasp.org/pipermail/owasp-scotland/2007-December/000002.html here] for details )
  
 
Guest Speaker: John McDonnell, Project Leader, CESG/GCHQ
 
Guest Speaker: John McDonnell, Project Leader, CESG/GCHQ

Revision as of 03:07, 12 December 2007

Contents

OWASP Scotland

Welcome to the Scotland chapter homepage. The chapter leader is John D Wood
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Local News

Next Meeting - Cancelled (See here for details )

Guest Speaker: John McDonnell, Project Leader, CESG/GCHQ

Venue: Hilton Caledonian

Time: Wednesday 12th December; 7.00pm for a 7.30pm start

Abstract to follow


Inaugural Meeting


Venue: Hilton Caledonian Hotel

Time: Tuesday 23rd October; 7.00pm for a 7.30pm Start

Main Speaker: Brain Chess, Chief Scientist, Fortify Software

Title: Secure Programming with Static Analysis

Abstract:

Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine tooth comb and uncover the kinds of errors that lead directly to vulnerabilities. This talk frames the software security problem and shows how static analysis is part of the solution.

Highlights include:

- The most common security short-cuts and why they lead to security failures

- Why programmers are in the best position to get security right

- Where to look for security problems

- How static analysis helps

- The critical attributes and algorithms that make or break a static analysis tool

We will look at how static analysis works, how to integrate it into the software development processes, and how to make the most of it during security code review. Along the way we'll look at examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar errors.

Other: 10 Minutes on OWASP and the Edinburgh Chapter