Revision as of 14:07, 10 January 2008 by Maddari (talk | contribs) (<font color="red"> <font size="5"> OWASP Vancouver Chapter meeting January 21, 2008</font> </font>)

Jump to: navigation, search

OWASP Vancouver

Welcome to the Vancouver chapter homepage. The chapter leader is Neil Rerup


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG }

OWASP Vancouver Chapter meeting January 21, 2008

Time: January 21, 2008 6:30 p.m. to 7:30 p.m.

Location Business Objects 910 Mainland Street Vancouver BC, Canada  V6B 1A9

For the January meeting of the OWASP Vancouver chapter we have a very interesting presentation from Michael Weider, Founder and CTO of IBM Watchfire. Michael will provide insights into the latest trends in application security, what is the threat and what best practices are companies employing to address this growing threat.

The session will be held on January 21st starting at 6:30 p.m.

Please contact Mauro Addari at Mauro to register

OWASP Vancouver Chapter meeting November 29, 2007

Location: Business Objects Main office Attendance: Rodrigo, Rui, Zenko, Russ, Mauro

The meeting started with an introduction of the OWASP group and its objectives: goals and projects that OWASP is leading. There are various open source projects that the OWASP team has been a part of, namely, the OWASP top ten list of vulnerabilities; CLASP ( a guideline for companies to address security issues in their products ); GOAT ( practice your hacking skills on their machines); Web Scarab; plus other scanning/hacking tools.

We then introduced the OWASP Vancouver chapter: lately the chapter has been a little be dormant and all the presents agreed to provide help to revamp the chapter. The objective of the OWASP Vancouver chapter is to promote web application security and security awareness in the community.

In the fall off 2007 the Vancouver chapter reached into the other Vancouver security and technical groups. Some groups as for example SIG Security and Vantug have been interested to hear more about OWASP and the asked for presentations. More presentation can be done to these groups in the next year. We all agree that reaching into Vancouver groups is an important goal for the OWASP Vancouver chapter.

Another goal of the group is to facilitate some technical discussion and presentation on the security field. Some of the topics of interest are the following:

  • Honeypot;
  • Vulnerabilities;
  • Secure Development LifeCycle;
  • Hands on seminar using various security/pen tools;
  • Wireless security;
  • Http and basic encryption;
  • Forensic;
  • Law and enforcement in security;
  • International security groups like CISSP or SANS.

We've also discussed the possibility to promote OWASP in the community and other groups and to capturing new membership through social sites such as and

The next meeting is planned for the end of January

OWASP Chapter Meeting May 30th 5:30pm - 7:00pm


  • Neil (PDB Security)
  • Chris (Sxip Identity)
  • Mauro (Business Objects)


Ideas for new members?

  • Chris to lead web page
  • Mauro to contact other local security groups (ISACA, ISSA, CIPS Security Special Interest Group)
  • Neil to arrange speakers
  • Group to invite friends :)

Future Speakers

  • Topics of interest: fuzzing, risk modeling (CLASP), other risk methodologies, cryptography, web services, tools

Other ideas?

  • Goals of the chatper: grow, crosponation of ideas in app. sec. space, evangilize app sec!
  • Chatted about compliance standards.
  • Chatted about info sec. vs app. sec. as a whole.