[Owasp-cork] OWASP Cork Chapter Meeting - December 11 2014

Fiona Collins fiona.collins at owasp.org
Fri Nov 28 12:53:56 UTC 2014


The next OWASP Cork Chapter meeting is taking place on Thursday December
11th in UCC (Western Gateway Building, WGB G04) at 7PM.

You can sign-up on our Meet-up page:
http://www.meetup.com/OWASP-Cork/events/218796493/

Hope to see you there.

There are two talks lined up:

Talk 1: Eoin Carroll - Android Webview Exploitation

Bio:

Eoin Carroll is an IT Security Engineer and member of OWASP since 2009.
Based in Cork and works on all things security with keen interests in the
Android Stack, Threat Modeling, HTML5, Cryptanalysis, Reversing and
Exploitation.

Eoin has 13 years’ experience spanning across the IT, Semi-Conductor and
Medical Device industries, working as an Electronic Engineer for 10 yrs and
in Security for the last 3 years.

Android Webview Exploitation

This talk will focus on the AddJavascriptInterface which is remotely
exploitable leading to Shell and Cross Application Scripting (XAS). Eoin
will discuss the importance of Threat Modeling with cross platform
development frameworks such as Phonegap/Cordova as well as security tools
such as Drozer and AFE (Android Exploitation Framework).

The session will finish with a MITM demo exploiting the
AddJavascriptInterface.



Talk 2: Eoin Keary & Rahim Jina - 2014 EdgeScan Vulnerability Stats Report

Eoin Keary - BCC Risk Advisory / OWASP

Eoin is international board member and vice chair of OWASP, The Open Web
Application Security Project (owasp.org), and during his time in OWASP he
has lead the OWASP Testing and Security Code Review Guides and also
contributed to OWASP SAMM, and the OWASP Cheat Sheet Series.
Eoin is a well-known technical leader in industry in the area of software
security and penetration testing, and has led global security engagements
for some of the world's largest financial services and consumer products
companies. He was a senior manager, responsible for penetration testing in
EMEA for a “big 4” professional services firm for 4.5 years. He is the CTO
and founder of BCC Risk Advisory Ltd (bccriskadvisory.com) an Irish company
who specialise in secure application development, advisory, penetration
testing, Mobile & Cloud security and training.
Eoin has delivered security training and talks for OWASP to over 600
developers in the past year including events such as RSA (2013), RSA
Europe, OWASP EU (2013), OWASP Dublin 2013.

Rahim Jina - BCC Risk Advisory / OWASP

Rahim is a member of OWASP and has contributed to many open source security
projects over the past 8 years such as the OWASP Testing and Security Code
Review Guides and also OWASP SAMM. Previously Rahim was a senior consultant
at a “big 4” professional services for and the head of security for a large
VoIP/IPT company in Los Angeles, USA and now works as the Director of
information security for BCC Risk Advisory (bccriskadvisory.com). His is
also responsible for the security architecture of the edgescan.com
vulnerability management solution.


We will go along to the Woolshed bar for some drinks and chats after the
talk: (http://www.woolshedbaa.com/cork/)


Chapter meetings are provided free of charge although OWASP membership is
encouraged and besides supporting the organisation, will provide the holder
with benefits in other areas such as free/discounted entry to conferences,
etc.

Hope to see you there,
Fiona & Darren

(OWASP Cork Team)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-cork/attachments/20141128/749d4e42/attachment.html>


More information about the Owasp-cork mailing list