[Owasp-cambridge] Joint ISC(2), IISP & OWASP Cambridge Chapter “Pentesting Tales” Security Seminar Thursday 10th November 5:30 - 8:30
adrian.winckles at owasp.org
Sun Oct 23 13:41:21 UTC 2016
Joint ISC(2), IISP & OWASP Cambridge Chapter “Pentesting Tales” Security Seminar
Thursday 10th November 2016 17:30 – 20:30, Lord Ashcroft Building (LAB002), Anglia Ruskin University, Cambridge.
Hosted by the Department of Computing & Technology, Anglia Ruskin University, OWASP (Open Web Application Security Project) Cambridge Chapter, ISC(2) East of England Chapter and Institute of Information Security Professionals - Eastern Region
Guest speaker: Marc Wickenden - Technical Director at 4ARMED
Abstract: “A day in the life of a pentester”
In this talk Marc will give an overview of the what, why and how of professional penetration testing, from client proposal right through to the report, with tips and examples from our years of delivering many types of security testing engagements. We’ll finish up with what we look for when recruiting penetration testers and how you can get into this field of work.
Biography: Marc Wickenden
Marc cut his teeth looking after networks and infrastructure for various online financial services companies before venturing into consultancy and ultimately founding 4ARMED. He is a hacker at heart, in the creative sense, and still enjoys rolling his sleeves up with his team and getting under the hood of, well, pretty much anything with a CPU.
Guest Speaker: Mr Graham Rymer MSc, MBCS, University of Cambridge
Abstract: Tales from the Crypt
A whistle-stop tour of some web-application horrors. These "Tales from the Crypt" will introduce the audience to some real-world examples of common security vulnerabilities discovered in the University's own infrastructure. This will include cases of insidious XSS, SQL injection, and also a description of a novel vulnerability discovered in the University's decade-old web authentication service, "Raven".
Biography: Mr Graham Rymer
Currently a contract researcher at The University of Cambridge's Computer Laboratory, Graham has also provided ad-hoc support to the University's CERT. A trained ethical hacker, he is a keen exponent of using cyber war games in education and training, having recently helped to organise the inaugural Cambridge2Cambridge cyber security challenge held at MIT earlier this year. Graham has also completed 7Safe's CSTA, CSTP, CFIP, CMI, CFIS, CWSA, and CIIP courses, and is listed in AT&T's bug bounty hall of fame.
OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organisation focused on improving the security of application software. Their mission is to make application security visible, so that people and organisations can make informed decisions about true application security risks.
The Institute of Information Security Professionals (IISP) is a not-for-profit organisation, owned by its members and dedicated to raising the standard of professionalism in information security and the industry as a whole. The IISP does this through accrediting skills and competence, by sharing best practice and by providing a network of support and guidance on individual skill development. It speaks with an authoritative voice and its competency based memberships are widely recognised in the information security industry.
(ISC)²® is the largest not-for-profit membership body of certified information security professionals worldwide, with over 93,000 members in more than 135 countries. The (ISC)2 East of England Chapter is committed to the growth and advancement of Information Security Professionals within the region, development of the information security Industry and promotion of Information Security Standards across industry. We will do this by holding events, collaborating with the companies, professionals and academia within the region to strengthen networks and provide members with opportunities to grow professionally, share knowledge and experience, educate others, support new entrants to the industry and collaborate on projects focused on Information Security Enhancement.
The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing an MSc Information Security specialising in Application Security and, as part of this activity, looking to develop a local Information Security Student Society.
17:30 – 17:45 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Course Leader in Information Security & Forensic Computing, Anglia Ruskin University
17:45 - 18:45 Talk from Marc Wickenden - 4ARMED - “Day in the Life of a Pentester”
18:45 - 19:45 Talk from Graham Rymer - University of Cambridge - “Tales from the Crypt”
19:45 – 20:30 Refreshments & Networking in LAB107
To register for this free event, please register online at
The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB107 for networking & refreshments).
Please enter through the Helmore Building and ask at reception.
Anglia Ruskin University, Cambridge Campus
Cambridge CB1 1PT
Get further information on travelling to the university.