[Owasp-switzerland] Next OWASP Meeting in December

Sven Vetsch / Disenchant sven.vetsch at disenchant.ch
Tue Nov 13 11:45:33 EST 2007

Hash: SHA1

Hi everybody,
first of all I have to say that I'm very sorry, that you haven't heard
something about the next meeting until now. There were different reasons
for this, like some problems with the presentations and also because of
personal stuff. Anyway, now I'd like to announce the next meeting of the
OWASP Switzerland Local Chapter :)

- -------------------------------------------------------------------------

Date and time:
Please vote again at doodle.ch for all dates, where you can attend the
meeting and don't forget the dinner ;)


IMPORTANT: The voting pool is just open for one week (20. November 2007)

The meeting will be from 17:00 - ca. 19:00

Zurich Financial Services
Mythenquai 2 / Zurich


Thanks again to Tobias Christen and the Zurich Financial Services for
sponsoring the meeting room.

As at all of our meetings, everyone is welcome, so if you know someone
who could also be interested in participate, ask him/her to come too :)

- - Certified Secure Web (Presentation)
Certified Secure Web (CSW) takes the best out of two. The mission of
Certified Secure Web is to integrate two different methodologies in a
way that a reliable security certification of a web application is
possible. Certified Secure Web strictly follows the OSSTMM guidelines of
conducting security tests and adapts the OWASP TOP 10 to assure adequate
testing results of web applications. Companies that are already using
OSSTMM-certification can now profit of the OWASP TOP 10. This leads to a
broad integration of OWASP TOP 10 into a large number of companies who
are already using OSSTMM today.

The speaker Thomas Bader is representativ of ISECOM Switzerland.

- - Secure Development Life Cycle (Presentation)
Tobias Christen from the Zurich Financial Services will give a short
presentation on the Secure Development Life Cycle.

- - Securing my Assets (Presentation/Demo)
"We need an absolutely secure application, so lets spend all available
resources on the protection of this application"
All too often we are confronted with such statements. But can we really
achieve security for an application only considering the application
itself? What is the relevance of the underlying operating system,
network or even the transmitting copper cable? Even more isn't the end
user playing the potentially most dangerous role?
A couple of attacks - from user to pysical layer - will demonstrate that
maximized security can only be achieved by investing an appropriate
amount of security related work on each layer.

The speaker Daniel Hulliger works for Dreamlab Technologies AG as
security consultant and security tester.

There will be a sponsored dinner again. This time Dreamlab Technologies
(http://dreamlab.net), a security company from Bern will be our host.
So, please don't forget to register at the doodle.ch voting pool if
you'd also like to get some food.

- -------------------------------------------------------------------------

As usual, if there are any further questions, don't hesitate to ask.


- --

sent by Sven Vetsch / Disenchant


Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Owasp-switzerland mailing list