Difference between revisions of "Switzerland"

From OWASP
Jump to: navigation, search
m (Next Meetings: Changed Volume Testing to Load Testing)
m
 
(108 intermediate revisions by 2 users not shown)
Line 7: Line 7:
 
Welcome to the Home Page of the OWASP Switzerland Chapter.  
 
Welcome to the Home Page of the OWASP Switzerland Chapter.  
  
*The chapter leader is [mailto:sven.vetsch__AT__owasp.org Sven Vetsch] supported by the members of the board [mailto:antonio.fontes__AT__owasp.org Antonio Fontes] and [mailto:alexis.fitzgerald__AT__owasp.org Alexis FitzGerald]. Please contact us with any questions about the chapter.
+
*If you want to give a talk, provide a venue or in case of other questions regarding this chapter - just ping [mailto:robert.schneider__AT__owasp.org Robert Schneider] or [mailto:sven.vetsch__AT__owasp.org Sven Vetsch].
*Please subscribe to the [https://lists.owasp.org/mailman/listinfo/owasp-switzerland mailing list] for meeting announcements and other news related to OWASP in Switzerland.  
+
*Please join us on [https://www.meetup.com/de-DE/OWASPSwitzerland/ Meetup] and/or subscribe to our (low-traffic) [https://lists.owasp.org/mailman/listinfo/owasp-switzerland mailing list] for meeting announcements and other news related to OWASP in Switzerland.  
*You can follow us on [https://twitter.com/owasp_ch Twitter] and [https://www.facebook.com/OWASPSwitzerland Facebook]
 
  
 
<br> If you're living in the French speaking part of Switzerland, please also visit the '''[[Geneva|OWASP Geneva chapter]]''' for more information.  
 
<br> If you're living in the French speaking part of Switzerland, please also visit the '''[[Geneva|OWASP Geneva chapter]]''' for more information.  
  
 
= Next Meetings  =
 
= Next Meetings  =
Please find below the planned dates for all OWASP Switzerland Meetings in 2014:
+
Please see our list of upcoming meetings on Meetup:
* '''Wednesday, February 19th 2014'''
+
[[Image:Meetup-button.png|left|alt=See our planned meeting and register for them here|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
* Wednesday, April 9th 2014
 
* Tuesday, June 17th 2014
 
* Wednesday, August 20th 2014
 
* Tuesday, October 21th 2014
 
* Wednesday, December 10th 2014
 
 
 
<br>
 
----
 
 
<br>
 
<br>
'''Wednesday, February 19th 2014'''<br>
 
We'd like to invite you to the first of six OWASP Switzerland meetings in 2014. Please make sure to [https://doodle.com/aa8822cp5qfkpu3z register] for the event using your full name as this is needed to access the Swisscom premises where the meeting will take place.
 
 
<br>
 
<br>
* When:
 
*:Wednesday, February 19th 2014
 
*:Starting at 18:00
 
*:Doors at 17:30
 
 
* What:
 
*:'''S-SDLC – Ready for Clouds?''' (''by Robert Schneider, Swisscom IT Services AG [[Image:person.png|20px|link=User:Schattenbaum]]'')
 
*:Many companies have it (somehow) and numerous are planning to implement one – a Secure Software Development Life Cycle (S-SDLC). As Swisscom is building a new Cloud, the whole S-SDLC had to be reconsidered to match the new challenges. In this presentation I would like to give you an overview of the four fundamental phases that we plan to implement in our new S-SDLC (Intellectual Property Scan, Code Review, Vulnerability Scanning and Stress & Load Testing) as well as an idea of what these phases are meant to do. Additionally, I would like to give you an idea of what possible candidates (i.e. tools) could be of interest for you and where we see the biggest pitfalls so far.
 
*:As this is a considerable topic, I hope that you bring with you many questions, answers as well as your own experiences to share with each other.
 
 
* Where:
 
*:Swisscom IT Services AG
 
*:Pfingstweidstrasse 51
 
*:CH-8005 Zürich
 
*:[https://maps.google.ch/maps?q=Pfingstweidstrasse+51+Z%C3%BCrich+8005 Google Maps]
 
 
<pre>Please *don't* use the main entrance.
 
We will be waiting for you on the back side of the building (opposite to the Renaissance Hotel).</pre>
 
 
* Who:
 
*:As usual, all of our meetings are open to everyone and free of charge.
 
 
* Agenda
 
*:18:00 – 18:15 | Intro and Update on OWASP by Sven Vetsch, OWASP Switzerland [[Image:person.png|20px|link=User:Disenchant]]
 
*:18:20 – 19:30 | S-SDLC – Ready for Clouds? by Robert Schneider, Swisscom IT Services AG [[Image:person.png|20px|link=User:Schattenbaum]]
 
*:20:00 – **:** | Dinner
 
 
<!--Fore this year we are planning to serve you with six meetings. The first one will take place in February.<br>
 
Keep yourself informed and up-to-date by using one of the possibilities listed below. -->
 
<!-- There are no planned meetings for 2015 yet. Keep yourself informed and up-to-date by subscribing to our (low-traffic) [https://lists.owasp.org/mailman/listinfo/owasp-switzerland mailinglist]. -->
 
 
  
 
= Past Meetings  =
 
= Past Meetings  =
Line 67: Line 25:
 
|-
 
|-
 
| 2013-12-17
 
| 2013-12-17
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-October/000258.html]]
+
| <center>[[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-October/000258.html]]</center>
| [[Image:person.png|20px|link=User:USERNAME]]
+
| <center>[[Image:person.png|20px|link=User:USERNAME]]</center>
| [[Image:slides.png|20px|link=File:FILENAME.pdf]]
+
| <center>[[Image:location.png|20px|link=http://www.owasp.ch]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:FILENAME.pdf]]</center>
 
| Chapter Meeting (or as an example: Area41)
 
| Chapter Meeting (or as an example: Area41)
 
| Node security
 
| Node security
Line 76: Line 35:
 
-->
 
-->
  
 +
Please see our list of past meetings on Meetup:
 +
[[Image:Meetup-button.png|left|alt=See our past meeting and register for them here|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
 +
<br>
 +
<br>
 +
<br>
 +
<br>
 +
 +
Previous meetings "prior" Meetup:
 
{| class="wikitable sortable" border="0"
 
{| class="wikitable sortable" border="0"
 
|-
 
|-
 
! scope="col" | Date
 
! scope="col" | Date
! scope="col" class="unsortable" | Info
 
 
! scope="col" class="unsortable" | Speaker
 
! scope="col" class="unsortable" | Speaker
! scope="col" class="unsortable" | Slides
+
! scope="col" class="unsortable" | Host
 +
! scope="col" | Slides
 
! scope="col" | Event
 
! scope="col" | Event
 
! scope="col" | Topic
 
! scope="col" | Topic
 +
|-
 +
|2017-08-16
 +
|<center>[[Image:person.png|20px|link=http://www.christian-folini.ch/]]</center>
 +
|<center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
 +
|<center>[[Image:slides.png|20px|link=File:20170816-Introducing_the_OWASP_ModSecurity_Core_Rule_Set_3-Christian_Folini.pdf]]</center>
 +
|Chapter Meeting
 +
|Introducing the OWASP ModSecurity Core Rule Set 3.0
 +
|-
 +
| 2016-10-04
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Florian_Badertscher]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.swissre.com/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20161004-Bug_Bounty_progams_in_Switzerland-Florian_Badertscher.pdf]]</center>
 +
| Chapter Meeting
 +
| Bug Bounty programs in Switzerland?
 +
|-
 +
| 2016-06-07
 +
| <center>[[Image:person.png|20px|link=https://twitter.com/fenceposterror]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20160607-xssi-the_tale_of_a_fameless_but_widepsread_vulnerability-Veit_Hailperin.pdf]]</center>
 +
| Chapter Meeting
 +
| XSSI - The Tale of a Fameless but Widespread Vulnerability
 +
|-
 +
| 2015-12-15
 +
| <center>[[Image:person.png|20px|link=http://intothesymmetry.blogspot.ch/]]<br>[[Image:person.png|20px|link=https://www.xing.com/profile/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.liip.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20151215-Top_X_OAuth_2_Hacks-asanso.pdf]]<br>[[Image:slides.png|20px|link=File:20151215-Reliable_log_data_transfer-Pascal_Buchbinder.pdf]]</center>
 +
| Chapter Meeting
 +
| Top X OAuth 2 Hacks<br>Reliable log data transfer: about syslog, logstash and log data signing
 +
|-
 +
| 2015-10-14
 +
| <center>[[Image:person.png|20px|link=https://twitter.com/blitzfranklyn]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.ergon.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20151014-Application_Security_Testing_by_Static_Code_Analysis-blitzfranklyn.pdf]]</center>
 +
| Chapter Meeting
 +
| Application Security Testing by Static Code Analysis
 +
|-
 +
| 2015-08-19
 +
| <center>[[Image:person.png|20px|link=]][[Image:person.png|20px|link=]][[Image:person.png|20px|link=]][[Image:person.png|20px|link=]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.swisscom.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| BarCamp
 +
|-
 +
| 2015-06-17
 +
| <center>[[Image:person.png|20px|link=http://eprints.hsr.ch/414/]][[Image:person.png|20px|link=http://eprints.hsr.ch/414/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.csnc.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:OWASP_Switzerland_Meeting_2015-06-17_XSLT_SSRF_ENG.pdf]]</center>
 +
| Chapter Meeting
 +
| XSLT Processing Security and Server Side Request Forgeries
 +
|-
 +
| 2015-04-15
 +
| <center>[[Image:person.png|20px|link=http://www.floyd.ch/]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.credit-suisse.com/ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20150415-Android_apps_in_sheeps_clothing-Tobias_Ospelt-modzero.pdf]]</center>
 +
| Chapter Meeting
 +
| Android apps in sheep's clothing
 +
|-
 +
| 2015-02-18
 +
| <center>[[Image:person.png|20px|link=https://miki.it/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swisscom.com/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20150218-Abusing_JSONP_with_Rosetta_Flash-miki.it.pdf]]</center>
 +
| Chapter Meeting
 +
| Abusing JSONP with Rosetta Flash
 +
|-
 +
| 2014-12-10
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.vorbahnhof.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| OWASP Switzerland Fondue
 +
|-
 +
| 2014-11-12
 +
| <center>[[Image:person.png|20px|link=http://www.christian-folini.ch/]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.open.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:Owasp-ch-folini-nov-2014.pdf]]</center>
 +
| Chapter Meeting
 +
| Living on the Edge - Advanced ModSecurity to Save Your Ass
 +
|-
 +
| 2014-08-20
 +
| <center>[[Image:person.png|20px|link=http://www.arcus-security.ch/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.kshp.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140820-Flash_Security_by_Arcus_Security.pdf]]</center>
 +
| Chapter Meeting
 +
| (Client-Side) Flash Security
 +
|-
 +
| 2014-06-17
 +
| <center>[[Image:person.png|20px|link=https://www.sec-consult.com/]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.credit-suisse.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140617-XSS_and_beyond-Rene.pdf]]</center>
 +
| Chapter Meeting
 +
| XSS and beyond
 +
|-
 +
| 2014-04-09
 +
| <center>[[Image:person.png|20px|link=https://twitter.com/dobinrutis]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.ubs.com/ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140409-SSL_TLS_jungle-Dobinrutis.pdf]]</center>
 +
| Chapter Meeting
 +
| SSL/TLS jungle - bringing light into the cipher forest
 +
|-
 +
| 2014-02-19
 +
| <center>[[Image:person.png|20px|link=User:Schattenbaum]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swisscom.ch/]]</center>
 +
| <center>[[Image:slides.png|20px|link=File:20140219-SSDLC_Ready_for_Clouds-Robert.pdf]]</center>
 +
| Chapter Meeting
 +
| S-SDLC – Ready for the Cloud?
 
|-
 
|-
 
| 2013-12-17
 
| 2013-12-17
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-December/000262.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.credit-suisse.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
Line 93: Line 165:
 
|-
 
|-
 
| 2013-10-22
 
| 2013-10-22
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-October/000258.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]
+
| <center>[[Image:location.png|20px|link=http://www.colab-zurich.ch/]]</center>
| [[Image:slides.png|20px|link=File:20131022-advances_in_secure_aspnet_development-alexandre.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:20131022-advances_in_secure_aspnet_development-alexandre.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| Advances in secure (ASP).NET development – Break the hacker's spirit
 
| Advances in secure (ASP).NET development – Break the hacker's spirit
 
|-
 
|-
 
| 2013-10-22
 
| 2013-10-22
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-October/000258.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
| [[Image:person.png|20px|link=User:Disenchant]]
+
| <center>[[Image:location.png|20px|link=http://www.colab-zurich.ch/]]</center>
| [[Image:slides.png|20px|link=File:20131022-node_security-disenchant.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:20131022-node_security-disenchant.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| Node.js Security
 
| Node.js Security
 
|-
 
|-
 
| 2013-04-09
 
| 2013-04-09
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2013-March/000241.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.securesafe.com/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| Tools (not) to use
 
|-
 
|-
 
| 2012-09-19
 
| 2012-09-19
|  
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
| [[Image:person.png|20px|link=User:Disenchant]]
+
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
| [[Image:slides.png|20px|link=File:Owasp_top_10_mobile_risks.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:Owasp_top_10_mobile_risks.pdf]]</center>
 
| Security-Zone
 
| Security-Zone
 
| OWASP Top 10 Mobile Risks
 
| OWASP Top 10 Mobile Risks
 
|-
 
|-
 
| 2012-06-12
 
| 2012-06-12
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2012-June/000229.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Ospelt]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| Reversing Android Apps
 
|-
 
|-
 
| 2012-02-14
 
| 2012-02-14
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2012-February/000224.html]]
+
| <center>[[Image:person.png|20px|link=https://www.blackhat.com/html/bh-us-12/speakers/Gianni-Gnesa.html]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| Analysis of the RSA Security Breach
 +
|-
 +
| 2011-12-13
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Alexis_FitzGerald]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|
+
| AppSec - Why is it important
 
|-
 
|-
 
| 2011-12-13
 
| 2011-12-13
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-December/000223.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Stephan_Berger37]][[Image:person.png|20px|link=https://plus.google.com/106548980928636767176/posts]]</center>
|  
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| Dangers of Firefox Add-On's
 
|-
 
|-
 
| 2011-10-11
 
| 2011-10-11
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-September/000218.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.itacs.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| Presentation of the OWASP Top 10 & a hands-on session
 
|-
 
|-
 
| 2011-08-09
 
| 2011-08-09
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-August/000215.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
|
 
| Foundation of OWASP Switzerland Association
 
 
|  
 
|  
 +
| Chapter Meeting
 +
| Foundation of OWASP Switzerland Association
 
|-
 
|-
 
| 2011-06-14
 
| 2011-06-14
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-June/000208.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Pascal_Buchbinder]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Pascal_Buchbinder]]
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
| [[Image:slides.png|20px|link=File:Owasl_lcm_20110614_mod_sslcrl.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:Owasl_lcm_20110614_mod_sslcrl.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| Automatic CRL updates for the Apache Web server
 
| Automatic CRL updates for the Apache Web server
 
|-
 
|-
 
| 2011-06-14
 
| 2011-06-14
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-June/000208.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
| [[Image:person.png|20px|link=User:Disenchant]]
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
| [[Image:slides.png|20px|link=File:OWASP_Browser_Security.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:OWASP_Browser_Security.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| New Standards and upcoming Technologies in Browser Security (Slides by [https://www.owasp.org/index.php/User:Tgondrom Tobias Gondrom])
 
| New Standards and upcoming Technologies in Browser Security (Slides by [https://www.owasp.org/index.php/User:Tgondrom Tobias Gondrom])
 
|-
 
|-
 
| 2011-05-12
 
| 2011-05-12
|  
+
| <center>[[Image:person.png|20px|link=User:Afontes]]</center>
| [[Image:person.png|20px|link=User:Afontes]]
+
| <center>[[Image:location.png|20px|link=https://www.swisscyberstorm.com/]]</center>
| [[Image:slides.png|20px|link=https://www.owasp.org/index.php/File:SwissCyberStorm3-Do_you_know_OWASP.pdf]]
+
| <center>[[Image:slides.png|20px|link=https://www.owasp.org/index.php/File:SwissCyberStorm3-Do_you_know_OWASP.pdf]]</center>
 
| Swiss Cyber Storm III
 
| Swiss Cyber Storm III
|  
+
| Do you know OWASP?
 
|-
 
|-
 
| 2011-04-12
 
| 2011-04-12
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2011-April/000204.htmll]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Alexandre_Herzog]]
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
| [[Image:slides.png|20px|link=File:20110412-aspnet_viewstate_security-alexandre.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:20110412-aspnet_viewstate_security-alexandre.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| ASP.NET & ViewState Security
 
| ASP.NET & ViewState Security
 
|-
 
|-
 
| 2010-04-12
 
| 2010-04-12
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2010-February/000152.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Tobias_Christen]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Tobias_Christen]]
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
Line 191: Line 270:
 
|-
 
|-
 
| 2010-04-12
 
| 2010-04-12
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2010-February/000152.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Michael_Tschannen]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Michael_Tschannen]]
+
| <center>[[Image:location.png|20px|link=http://www.rheinfelder.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
Line 198: Line 277:
 
|-
 
|-
 
| 2009-06-25
 
| 2009-06-25
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2009-June/000144.html]]
+
| <center>[[Image:person.png|20px|Jerry Hoff]][[Image:person.png|20px|Jason Li]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| Benefits of a security API such as ESAPI
 +
|-
 +
| 2009-06-25
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Bruno_Blumenthal]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
 +
| Advanced SQL injection exploitation to operating system full control
 +
|-
 +
| 2009-04-07
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Christen]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| Open security architecture (www.opensecurityarchitecture.org)
 
|-
 
|-
 
| 2009-04-07
 
| 2009-04-07
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2009-March/000140.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.avantec.ch/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| XSRF and JSON hijacking & a hands-on session
 +
|-
 +
| 2008-09-08
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
 +
| Quality of services for web applications (Hands-On Workshop)
 +
|-
 +
| 2008-09-08
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Cyrill_Brunschwiler]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| XML Security (Hands-On Workshop)
 
|-
 
|-
 
| 2008-09-08
 
| 2008-09-08
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2008-August/000132.html]]  
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Alessandro_Moretti]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.swissre.com/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| ISC2/Application security
 
|-
 
|-
 
| 2008-04-01
 
| 2008-04-01
|  
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Christian_Folini]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Christian_Folini]]
+
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 
|  
 
|  
 
| Global OWASP Week
 
| Global OWASP Week
Line 226: Line 333:
 
|-
 
|-
 
| 2008-04-01
 
| 2008-04-01
|  
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Alessandro_Moretti]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Alessandro_Moretti]]
+
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 
|  
 
|  
 
| Global OWASP Week
 
| Global OWASP Week
Line 233: Line 340:
 
|-
 
|-
 
| 2008-04-01
 
| 2008-04-01
|  
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
| [[Image:person.png|20px|link=User:Disenchant]]
+
| <center>[[Image:location.png|20px|link=https://www.ethz.ch/]]</center>
 
|  
 
|  
 
| Global OWASP Week
 
| Global OWASP Week
Line 240: Line 347:
 
|-
 
|-
 
| 2007-12-11
 
| 2007-12-11
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2007-November/000106.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Thomas_Bader]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| Certified Secure Web
 +
|-
 +
| 2007-12-11
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/Tobias_Christen]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
 +
| Secure Development Life Cycle
 +
|-
 +
| 2007-12-11
 +
| <center>[[Image:person.png|20px|Daniel Hulliger]]</center>
 +
| <center>[[Image:location.png|20px|link=http://www.zurich.com/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| Securing my Assets (Presentation & Demo)
 
|-
 
|-
 
| 2007-09-20
 
| 2007-09-20
| [[Image:info.png|20px|link=http://www.disenchant.ch/blog/owasp-switzerland-goes-public/80]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
 
|  
 
|  
 
| Security-Zone
 
| Security-Zone
|  
+
| OWASP Testing Guide
 
|-
 
|-
 
| 2007-09-19
 
| 2007-09-19
| [[Image:info.png|20px|link=http://www.disenchant.ch/blog/owasp-switzerland-goes-public/80]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
|
+
| <center>[[Image:location.png|20px|link=http://www.security-zone.info/]]</center>
 
|  
 
|  
 
| Security-Zone
 
| Security-Zone
 +
| OWASP Top 10
 +
|-
 +
| 2007-07-24
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 
|  
 
|  
 +
| Chapter Meeting
 +
| OWASP - An Overview
 
|-
 
|-
 
| 2007-07-24
 
| 2007-07-24
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2007-July/000095.html]]
+
| <center>[[Image:person.png|20px|link=https://www.xing.com/profiles/Pierre_Parrend]]</center>
| [[Image:person.png|20px|link=https://www.xing.com/profiles/Pierre_Parrend]]
+
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
| [[Image:slides.png|20px|link=Mobile_Java_Security]]
+
| <center>[[Image:slides.png|20px|link=Mobile_Java_Security]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| Dependability for Java Mobile Code
 
| Dependability for Java Mobile Code
 +
|-
 +
| 2007-07-24
 +
| <center>[[Image:person.png|20px|link=https://www.xing.com/profile/HansPeter_Waldegger]][[Image:person.png|20px|link=https://www.xing.com/profiles/Pascal_Buchbinder]]</center>
 +
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 +
|
 +
| Chapter Meeting
 +
| OWASP Top 10 (Demo)
 
|-
 
|-
 
| 2007-04-26
 
| 2007-04-26
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2007-April/000086.html]]  
+
| <center>[[Image:person.png|20px|link=http://www.linkedin.com/in/bchess]]</center>
|
+
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
 
|  
 
|  
 
| Chapter Meeting
 
| Chapter Meeting
|  
+
| Risk metrics
 
|-
 
|-
 
| 2007-02-12
 
| 2007-02-12
| [[Image:info.png|20px|link=https://lists.owasp.org/pipermail/owasp-switzerland/2007-February/000079.html]]
+
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
| [[Image:person.png|20px|link=User:Disenchant]]
+
| <center>[[Image:location.png|20px|link=https://www.zurich.ch/]]</center>
| [[Image:slides.png|20px|link=File:20070212-xss_worms-disenchant.pdf]]
+
| <center>[[Image:slides.png|20px|link=File:20070212-xss_worms-disenchant.pdf]]</center>
 
| Chapter Meeting
 
| Chapter Meeting
 
| XSS-Worms
 
| XSS-Worms
 
|-
 
|-
 
| 2006-11-11
 
| 2006-11-11
 +
| <center>[[Image:person.png|20px|link=User:Disenchant]]</center>
 
|  
 
|  
 
|  
 
|  
|  
+
| Chapter Meeting
 
| OWASP Switzerland Chapter Kick-Off Meeting
 
| OWASP Switzerland Chapter Kick-Off Meeting
|
 
 
|}
 
|}
 
  
 
= Participation  =
 
= Participation  =
Line 296: Line 430:
 
<br> Our main topics are:  
 
<br> Our main topics are:  
  
 +
*DevOps
 
*Security testing  
 
*Security testing  
 
*Secure development  
 
*Secure development  
Line 301: Line 436:
 
*Secure Architectures
 
*Secure Architectures
  
<br> If you would like to give a presentation (make sure that you have read and understood the [[Speaker_Agreement|speaker agreement]]), or have any questions about the OWASP Switzerland Chapter, send an email to [mailto:sven.vetsch__AT__disenchant.ch Sven Vetsch].  
+
<br> If you would like to give a presentation (make sure that you have read and understood the [[Speaker_Agreement|speaker agreement]]), or have any questions about the OWASP Switzerland Chapter, send an email to [mailto:robert.schneider__AT__owasp.org Robert Schneider].  
  
 
= Sponsoring  =
 
= Sponsoring  =
Line 313: Line 448:
 
*Facility Sponsor  
 
*Facility Sponsor  
 
*Organization Supporters (allocating 40% of your annual donation to our Chapter)
 
*Organization Supporters (allocating 40% of your annual donation to our Chapter)
 +
<br>
 +
{{#widget:PayPal Donation
 +
|target=_blank
 +
|budget=OWASP Switzerland
 +
}}
  
 
= Chapter Material  =
 
= Chapter Material  =
Line 322: Line 462:
 
'''OWASP Switzerland Update Presentation (December 13th 2011)'''<br> [[Media:Owasp_update_presentation.pdf|Download Presentation]]
 
'''OWASP Switzerland Update Presentation (December 13th 2011)'''<br> [[Media:Owasp_update_presentation.pdf|Download Presentation]]
  
<headertabs />
+
<headertabs></headertabs>
 
 
<paypal>Switzerland</paypal>
 
  
 
{| cellspacing="15"
 
{| cellspacing="15"
 
|-
 
|-
| [[Image:Join the list.png|120px|link=https://lists.owasp.org/mailman/listinfo/owasp-switzerland]]  
+
| [[Image:Mailinglist_button.png|62px|link=https://lists.owasp.org/mailman/listinfo/owasp-switzerland]]  
| [[Image:Follow-us-on-twitter.png|120px|link=https://twitter.com/owasp_ch]]
+
| [[Image:Meetup-logo.png|62px|link=https://www.meetup.com/de-DE/OWASPSwitzerland/]]
| [[Image:Facebook-icon.png|120px|link=https://www.facebook.com/OWASPSwitzerland]]
 
 
|}
 
|}
  
[[Category:OWASP_Chapter]] [[Category:Switzerland]] [[Category:Europe]]
+
[[Category:OWASP_Chapter]]  
 +
[[Category:Switzerland]]  
 +
[[Category:Europe]]

Latest revision as of 04:17, 20 October 2017


OWASP Switzerland Chapter Logo

Welcome to the Home Page of the OWASP Switzerland Chapter.

  • If you want to give a talk, provide a venue or in case of other questions regarding this chapter - just ping Robert Schneider or Sven Vetsch.
  • Please join us on Meetup and/or subscribe to our (low-traffic) mailing list for meeting announcements and other news related to OWASP in Switzerland.


If you're living in the French speaking part of Switzerland, please also visit the OWASP Geneva chapter for more information.

Please see our list of upcoming meetings on Meetup:

See our planned meeting and register for them here



Please see our list of past meetings on Meetup:

See our past meeting and register for them here





Previous meetings "prior" Meetup:

Date Speaker Host Slides Event Topic
2017-08-16
Person.png
Location.png
Slides.png
Chapter Meeting Introducing the OWASP ModSecurity Core Rule Set 3.0
2016-10-04
Person.png
Location.png
Slides.png
Chapter Meeting Bug Bounty programs in Switzerland?
2016-06-07
Person.png
Location.png
Slides.png
Chapter Meeting XSSI - The Tale of a Fameless but Widespread Vulnerability
2015-12-15
Person.png
Person.png
Location.png
Slides.png
Slides.png
Chapter Meeting Top X OAuth 2 Hacks
Reliable log data transfer: about syslog, logstash and log data signing
2015-10-14
Person.png
Location.png
Slides.png
Chapter Meeting Application Security Testing by Static Code Analysis
2015-08-19
Person.pngPerson.pngPerson.pngPerson.png
Location.png
Chapter Meeting BarCamp
2015-06-17
Person.pngPerson.png
Location.png
Slides.png
Chapter Meeting XSLT Processing Security and Server Side Request Forgeries
2015-04-15
Person.png
Location.png
Slides.png
Chapter Meeting Android apps in sheep's clothing
2015-02-18
Person.png
Location.png
Slides.png
Chapter Meeting Abusing JSONP with Rosetta Flash
2014-12-10
Person.png
Location.png
Chapter Meeting OWASP Switzerland Fondue
2014-11-12
Person.png
Location.png
Slides.png
Chapter Meeting Living on the Edge - Advanced ModSecurity to Save Your Ass
2014-08-20
Person.png
Location.png
Slides.png
Chapter Meeting (Client-Side) Flash Security
2014-06-17
Person.png
Location.png
Slides.png
Chapter Meeting XSS and beyond
2014-04-09
Person.png
Location.png
Slides.png
Chapter Meeting SSL/TLS jungle - bringing light into the cipher forest
2014-02-19
Person.png
Location.png
Slides.png
Chapter Meeting S-SDLC – Ready for the Cloud?
2013-12-17
Person.png
Location.png
Chapter Meeting Annual Review & Outlook
2013-10-22
Person.png
Location.png
Slides.png
Chapter Meeting Advances in secure (ASP).NET development – Break the hacker's spirit
2013-10-22
Person.png
Location.png
Slides.png
Chapter Meeting Node.js Security
2013-04-09
Person.png
Location.png
Chapter Meeting Tools (not) to use
2012-09-19
Person.png
Location.png
Slides.png
Security-Zone OWASP Top 10 Mobile Risks
2012-06-12
Person.png
Location.png
Chapter Meeting Reversing Android Apps
2012-02-14
Person.png
Location.png
Chapter Meeting Analysis of the RSA Security Breach
2011-12-13
Person.png
Location.png
Chapter Meeting AppSec - Why is it important
2011-12-13
Person.pngPerson.png
Location.png
Chapter Meeting Dangers of Firefox Add-On's
2011-10-11
Person.png
Location.png
Chapter Meeting Presentation of the OWASP Top 10 & a hands-on session
2011-08-09
Person.png
Location.png
Chapter Meeting Foundation of OWASP Switzerland Association
2011-06-14
Person.png
Location.png
Slides.png
Chapter Meeting Automatic CRL updates for the Apache Web server
2011-06-14
Person.png
Location.png
Slides.png
Chapter Meeting New Standards and upcoming Technologies in Browser Security (Slides by Tobias Gondrom)
2011-05-12
Person.png
Location.png
Slides.png
Swiss Cyber Storm III Do you know OWASP?
2011-04-12
Person.png
Location.png
Slides.png
Chapter Meeting ASP.NET & ViewState Security
2010-04-12
Person.png
Location.png
Chapter Meeting Usability vs. Security
2010-04-12
Person.png
Location.png
Chapter Meeting 2-factor authentication for mobile devices: a secure and practical approach
2009-06-25
Jerry HoffJason Li
Location.png
Chapter Meeting Benefits of a security API such as ESAPI
2009-06-25
Person.png
Location.png
Chapter Meeting Advanced SQL injection exploitation to operating system full control
2009-04-07
Person.png
Location.png
Chapter Meeting Open security architecture (www.opensecurityarchitecture.org)
2009-04-07
Person.png
Location.png
Chapter Meeting XSRF and JSON hijacking & a hands-on session
2008-09-08
Person.png
Location.png
Chapter Meeting Quality of services for web applications (Hands-On Workshop)
2008-09-08
Person.png
Location.png
Chapter Meeting XML Security (Hands-On Workshop)
2008-09-08
Person.png
Location.png
Chapter Meeting ISC2/Application security
2008-04-01
Person.png
Location.png
Global OWASP Week Taking Apache access logs to the next level
2008-04-01
Person.png
Location.png
Global OWASP Week Implementing an Application Security Lifecycle programme
2008-04-01
Person.png
Location.png
Global OWASP Week WebAppSec the Big Picture
2007-12-11
Person.png
Location.png
Chapter Meeting Certified Secure Web
2007-12-11
Person.png
Location.png
Chapter Meeting Secure Development Life Cycle
2007-12-11
Daniel Hulliger
Location.png
Chapter Meeting Securing my Assets (Presentation & Demo)
2007-09-20
Person.png
Location.png
Security-Zone OWASP Testing Guide
2007-09-19
Person.png
Location.png
Security-Zone OWASP Top 10
2007-07-24
Person.png
Location.png
Chapter Meeting OWASP - An Overview
2007-07-24
Person.png
Location.png
Slides.png
Chapter Meeting Dependability for Java Mobile Code
2007-07-24
Person.pngPerson.png
Location.png
Chapter Meeting OWASP Top 10 (Demo)
2007-04-26
Person.png
Location.png
Chapter Meeting Risk metrics
2007-02-12
Person.png
Location.png
Slides.png
Chapter Meeting XSS-Worms
2006-11-11
Person.png
Chapter Meeting OWASP Switzerland Chapter Kick-Off Meeting

OWASP Chapter meetings are free and open. Our chapter's meetings are informal and encourage open discussion of all aspects of application security. Anyone in our area interested in application security is welcome to attend. We encourage attendees to give short presentations about specific topics.


Our main topics are:

  • DevOps
  • Security testing
  • Secure development
  • Hacking
  • Secure Architectures


If you would like to give a presentation (make sure that you have read and understood the speaker agreement), or have any questions about the OWASP Switzerland Chapter, send an email to Robert Schneider.

Help us to make application security visible and become a supporter of the OWASP or our Chapter in Switzerland. All information about becoming a member/sponsor can be found here.

If your company is interested in supporting us directly, please contact Sven Vetsch to talk about the following sponsoring possibilities.

  • Chapter Supporter
  • Single Meeting Supporter
  • Facility Sponsor
  • Organization Supporters (allocating 40% of your annual donation to our Chapter)


Here you can find material related to the OWASP Switzerland Chapter.

OWASP Switzerland bylaws (in German)
Download bylaws

OWASP Switzerland Update Presentation (December 13th 2011)
Download Presentation

Mailinglist button.png Meetup-logo.png