[Owasp-royalholloway] Reminder: Next OWASP London Event - May Chapter Meeting - Thursday, 15th May 2014, 6:30pm-8:30pm
justin.clarke at owasp.org
Thu May 8 11:29:56 UTC 2014
Just to remind you all, our next meeting is next Thursday at our new venue sponsor for the year, Skype, at their offices at 2 Waterhouse Square, 140 Holborn, London, EC1N 2ST. Talks are scheduled to start at 6:30pm, but we can all arrive from around 6pm, and there should be plenty of time for networking (and grabbing pizza and drinks) before and between the talks.
As previously noted, the lineup has changed as Rick Doten can’t make it (we’ll look to reschedule with him), but I think you’ll agree that the replacement talk will both be very interesting and timely for you all!
• Heartbleed Teardown - Hacker Fantastic
An analysis of CVE-2014-0160 ("heartbleed") covering detailed assessment of the vulnerability since it's introduction to OpenSSL on NYE 2011. The talk will also cover exploitation notes and detailed usage scenarios from an attackers perspective. We will discuss exploit development processes, traffic analysis and signature creation by IDS/IPS vendors as well as interesting things learned during exploitation. A demonstration of the vulnerability being exploited and its implications within multiple scenarios will also be performed.
• AppSensor 2.0 - Colin Watson
The AppSensor Project defines the concept of application-specific real time attack detection and response. A new AppSensor Guide book has been written to document the cumulative knowledge of the project's contributors, to provide illustrative case studies, and most importantly to showcase several demonstration working implementations. In this presentation Colin Watson will summarise the concept, bring the topic up-to-date, explain alternative architectural models, discuss the newly published implementation guide, demonstrate application security dashboards, and explain the code and web services implementations that attendees will be able to use immediately in their own projects.
• Hacker Fantastic
Hacker Fantastic is a white hat who enjoys writing software, tinkering with computers and everything security related. He has been extensively researching computer security topics for over 10 years and has a deep interest in offensive security techniques. Hacker Fantastic is extremely passionate about computer security and has researched and developed offensive security tools against major product vendors including Microsoft, Apple, NetBSD, Cisco, Linux, Hewlett Packard, SCO, Silicon Graphics, IBM, SAGEM and NetGear.
• Colin Watson
Colin Watson is founder of Watson Hall Ltd, based in London, where his work involves the management of application risk, designing defensive measures, building security & privacy in to systems development and keeping abreast of relevant international legislation and standards. He was a member of the former OWASP Global Industry Committee, and is currently project leader for the OWASP Codes of Conduct and OWASP Cornucopia projects, co-leader for the OWASP AppSensor project, contributes to Open Software Assurance Maturity Model, CISO Guide and CISO Survey, and wrote the Application Logging Cheat sheet. He holds a BSc in Chemical Engineering from Heriot-Watt University in Edinburgh, and an MSc in Computation from the University of Oxford.
The RSVP page is here - http://owasp-london.eventbrite.co.uk/ (Please note that RSVPs close the evening before the event so we get names on the door!)
See you all there :)
More information about the Owasp-royalholloway