OWASP Germany Chapter Meeting am 17.05.2013 in Frankfurt
← Older revision
Revision as of 14:10, 17 April 2013
Line 14:
Line 14:
This page contains all informations about Chapter Meetings of the OWASP German Chapter.
This page contains all informations about Chapter Meetings of the OWASP German Chapter.
−
PLease
note, that most infoprmations are in German only.
+
Please
note, that most infoprmations are in German only.
|}
|}
+
+
==OWASP Germany Chapter Meeting am 17.05.2013 in Frankfurt==
+
+
{| width="100%" style="background-color:inherit;"
+
| width="70%" style="vertical-align:top; padding-right:0.5em;" |
+
Das OWASP Germany Chapter Meeting findet am 17.05.2012 um 14 Uhr in Frankfurt statt.
+
+
Ort: Saalbau Gallus, Frankenallee 111, 60326 Frankfurt am Main
+
[[http://maps.google.de/maps?q=Frankenallee+111,+60326+Frankfurt+am+Main&hl=de&sll=50.104389,8.642389&sspn=0.002883,0.010375&vpsrc=0 Karte]] (Wenige Meter von der S-Bahnstation Galluswarte entfernt, ein Halt von Frankfurt Hbf)
+
----
+
==== Einladung ====
+
Hiermit laden wir Euch nochmals herzlich zum Chapter Meeting des OWASP German Chapters ein.
+
+
Wer sich aktiv in die Gestaltung des Chapters einbringen möchte, ist hier genau richtig. Die Chapter-Meetings richten sich an all diejenigen, die aktiv am Chapter geschehen teilhaben möchten. Wir stellen die Weichen, um OWASP in Deutschland noch präsenter zu machen und freuen uns auf Deinen Beitrag! OWASP lebt von der Community, von der aktiven Beteiligung.
+
+
[[https://reg.owasp.de Meldet Euch bitte hier an]]. Bitte!
+
+
| width="30%" style="vertical-align:top; padding-left:0.5em;border-left:1px solid black" |
+
|-
+
| style="vertical-align:top;" |
+
==== Agenda ====
+
+
* 14.00h Tobias Glemser, OWASP German Chapter (30 min): Warme Willkommensworte und Rückblick auf Chapter-Aktivitäten 2012
+
* 14:30h Laurent Levi von Checkmarx (45 min): DevOps and Security: It's Happening. Right Now.
+
* 15:15h Dirk Wetter, OWASP German Chapter und AppSec EU Research Conference Chair (30 min): Rückblick OWASP Day 2012 und Ausblick AppSec EU Research 2013
+
* 15:45h Pause (15 min)
+
* 16.00h Jim Manico, OWASP Board Member (45 min): Top Ten Web Defenses
+
* 16.45h Tobias Glemser, OWASP German Chapter (15 min) Chapter Board Wahl
+
* 17.00h offene Runde (30 min): OWASP Germany im kommenden Jahr
+
* Gegen 17.30 Uhr Ende und wer mag im Anschluss noch einen Absacker im benachbarten Griechen.
+
+
| style="vertical-align:top; padding-left:0.5em;border-left:1px solid black" |
+
==== Agenda ====
+
* 14.00h Tobias Glemser, OWASP German Chapter (30 min): Welcome and Review of Chapter Activities 2012
+
* 14:30h Laurent Levi von Checkmarx (45 min): DevOps and Security: It's Happening. Right Now.
+
* 15:15h Dirk Wetter, OWASP German Chapter und AppSec EU Research Conference Chair (30 min): Review OWASP Day 2012 and Outlook AppSec EU Research 2013
+
* 15:45h Break (15 min)
+
* 16.00h Jim Manico, OWASP Board Member (45 min): Top Ten Web Defenses
+
* 16.45h Tobias Glemser, OWASP German Chapter (15 min) Chapter Board Election
+
* 17.00h offene Runde (30 min): OWASP Germany next year
+
* About 17.30h we will be finished. Who's interested in joining a get together in a greek restaurant nearby is asked to note
+
|-
+
| style="vertical-align:top; padding-right:0.5em;" |
+
==== Ergebnisse / Protokoll ====
+
tbd
+
| style="vertical-align:top; padding-left:0.5em;border-left:1px solid black" |
+
==== Protocol ====
+
tbd
+
|
+
+
|-
+
! colspan="2" align="left" style="vertical-align:top;" |
+
==== Abstracts/Bios ====
+
|-
+
| colspan="2" |
+
===== DevOps and Security: It's Happening. Right Now. =====
+
How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be released? Traditional application security tools which require lengthy periods of configuration, tuning and application learning have become irrelevant in these fast-pace environments. Yet, falling back only on the secure coding practices of the developer cannot be tolerated.
+
Secure coding requires a new approach where security tools become part of the development environment – and eliminate any unnecessary code analysis overhead. By collaborating with development teams, understanding their needs and requirements, you can pave the way to a secure deployment in minutes. Steps include:
+
* Re-evaluate existing security tools and consider their integration within a CD environment
+
* Deliver a secured development framework and enforce its usage
+
* Pinpoint precise security code flaws and provide optimal fix recommendations
+
+
Laurent Levi
+
Laurent is an experienced security professional with extensive technical knowledge in all aspects of application security. Over the last 6 years, Laurent has been managing Checkmarx's professional services team and prior to that led the code audit team of Lexsi in France. Laurent has extensive software development experience and has a post graduate degree in AI from Paris VI Université Pierre et Marie Curie.
+
+
===== Top Ten Web Defenses =====
+
We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.
+
+
Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.
+
+
|}
+
==OWASP Germany Chapter Meeting am 03.02.2012 in Frankfurt==
==OWASP Germany Chapter Meeting am 03.02.2012 in Frankfurt==