Post on 31-Dec-2020
26thJanuary2017
Agenda
• Networking,snacks&drinks• WelcomeandOWASPUpdate-SamStepanyan&SherifMansour
• IdentitiesExposed-HowDesignFlawsinAuthenticationSolutionsMayCompromiseYourPrivacy-DavidJohansson
• LightningTalk:IntroducingOWASPSummit2017-FrancoisRaynaud,DinisCruz ——————break——snacks—drinks—————-
• OWASP-SAMMMaturityModels-DinisCruz• Networking&Beer
LondonChapter
ChapterLeaders:• SamStepanyan(@securestep9)
• SherifMansour(@kerberosmansour) KeepingInTouch:➤ JointheOWASPLondonmailinglist➤ Follow@OWASPLondononTwitter➤ “Like”OWASPLondononFacebook➤ SubscribetoOWASPLondonChannelonYouTube➤ Chatwith#chapter-londonteamowasp.Slack.com
OWASP
• WeareaGlobalnot-for-profitcharitableorganisation
• Focusedonimprovingthesecurityofsoftware
• Vendor-NeutralCommunity
• CollectiveWisdomoftheBestMindsinApplicationSecurityWorldwide
• Providefreetools,guidance,documentation
• Allmeetingsarefreetoattend(*freebeerincluded)
BecomeaMember
WeareallVOLUNTEERS!(45,000worldwide)
Membership
$50/year!
LondonChapterSupporters
OWASPCorporateMembers
PremierMembers
Premiermembers
Hackathon&CTFTournament
Awesomehackathon
HackathonPrizes
HackathonSponsorsNeeded
TherewillbeaHackathonthisyear-needhostingsponsors!
AppSecEurope2017
8-12May2017,BelfastNorthernIreland
Belfast,Belfast!
AppSecEurope2017-CallForPapersisOPEN!Submityourproposals!
SCLondon
VolunteersWanted!!!
SCCongress
• VolunteerswantedtostafftheOWASPBoothon23February2017
Pleasegetintouchifyoucanvolunteer
GoogleSummerofCode
Flipbits!Notburgers!
GoogleSummerOfCode
GSOC:Howyoucangetinvolved
• BecomeaMentorforastudent:
• ChooseaparticipatingOWASPprojectfromthewikipage,preferablytheoneyouaremostfamiliarwith.
• TouchbasewiththeprojectleaderandaskoneoftheOWASPAdministratorstosendyouaninvitationtogetstartedtoday.
• HelpOWASPInviteStudents:
• Areyousomehowaffiliatedwithauniversity?Getintouchwithstudents,informthemabouttheprogramandhowtheycanparticipatewithOWASP.Pleasedirectstudentstothewikipagefordetails:https://www.owasp.org/index.php/GSOC_2017_for_Students
GSoC:April3rdDeadline
NewFlagship:SecurityShepherd
SecurityShepherdCTF
CompetitiveLearningEnvironment-learnaboutvulnerabilities!
DefectDojo
DefectDojo
• OWASPDefectDojoisasecurityprogramandvulnerabilitymanagementtool.
• DefectDojoallowsyoutomanageyourapplicationsecurityprogram,maintainproductandapplicationinformation,schedulescans,triagevulnerabilitiesandpushfindingsintodefecttrackers
DefectDojo
DefectDojo
AppSecUSA2016Videos
DevSecConSummitPlanned
Talktime
MainTalks:
• DavidJohansson
• DinisCruz
StayinginTouchOWASPLondon
KeepinTouch–getinformedaboutfutureevents:
JoinTheOWASPLondonMailingList:http://lists.owasp.org/mailman/listinfo/owasp-london
WatchusonYouTube:YouTube.com/OWASPLondon
Slack:owasp.slack.com#chapter-london
VisitOWASPLondonChapterwebpagehttps://www.owasp.org/index.php/London
OWASPLondonSaveTheDatesofFuture
meetings:
30March2017
FollowusonTwitter@owasplondon
“Like”usonFacebookhttps://www.facebook.com/OWASPLondon
PresentYourTalk
CallForSpeakersForFutureEvents
DoyouhaveagreatWebApplicationSecurityRelatedTalk?
3Tracks:
•Breakers•Defenders•Builders
Submittheabstractofyourtalkandyourbioto:
owasplondon@owasp.org
ThankYou!
Speakers:
• DavidJohansson• DinisCruz• FrancoisRaynaud
Hostsforthisevent• J.P.MorganChase
• Attendees(you!)
PubTime!
• NetworkingandDrinksinthelocalpub