Looks like this event has already ended.
Check out upcoming events by this organizer, or organize your very own event.
OWASP BeNeLux 2010
Wednesday, December 1, 2010 at 9:30 AM - Thursday, December 2, 2010 at 6:00 PM (CET)
When & Where
OWASP Belgium, Netherlands and Luxembourg Chapters
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.
|Sebastien Deleersnyder (OWASP Board, SAIT Zenitel)|
|Sebastien started the successful Belgian OWASP Chapter and performed several public presentations on web application and web services security. Sebastien specialises in (web) application security, combining his software development and information security experience. He is currently OWASP Foundation board member and Managing Technical Consultant at SAIT Zenitel.|
|Radu State (University of Luxembourg)|
|Radu received his PhD degree from INRIA, Nancy – University Henri Poincaré in 2001.
Radu has held positions as Research Engineer and Senior Engineer at INRIA-LORIA and has been working as Senior Researcher at the University of Luxembourg, FSTC-CSC Research Unit from October 2008 to September 2010. Radu's research activity will be on one side investigate interoperability aspects to supply security components in the area of ubiquitous computing and on the other side set up a project specific interoperability research lab in close cooperation with industry.
|Nick Nikiforakis (Katholieke Universiteit Leuven)|
|Nick Nikiforakis is a PhD student at the Katholieke Universiteit
Leuven, in Belgium. He belongs to the DistriNet research group and
specifically in the “Security & Languages” task-force. His current
research interests are: low-level security for unsafe languages and web
Nick holds a BSc in Computer Science and a MSc on Distributed Systems from the University of Crete in Greece. He worked for 3 years as a research assistant in the Distributed Computing Systems group at the Foundation of Research and Technology in Crete where he did research in network data visualization, authentication schemes using mobile devices and phishing countermeasures. In the past, Nick has presented his work in academic conferences as well as hacking conventions. His work can be found online at www.securitee.org.
|Matias Madou (Fortify)|
|Matias Madou is principal security researcher at Fortify's Security Research Group, which is responsible for building security knowledge into Fortify's products. His work focuses on developing new techniques to detect vulnerabilities. Matias holds a Ph.D. in computer engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application. During his Ph.D., he collaborated with top research and industry players in the field of program obfuscation.|
|Marco Balduzzi (Eurecom)|
Marco Balduzzi is an IT security specialist with several years of
experience as engineer and consultant for different international
companies located in Milan, Munich and Nice. At the moment, he is a PhD
researcher in EURECOM and a proud member of the International Secure System Lab. He designs systems for the detection of botnets/malware, the analysis of
web threats and the security of cloud computing.
|Walter Belgers (Madison Gurkha)|
|Walter Belgers heeft Technische Informatica gestudeerd aan de Technische Universiteit Eindhoven met als extra vak o.a. Computercriminaliteit (Universiteit van Tilburg). Walter is in 1994 begonnen bij Philips C&P (tegenwoordig Atos Origin) als ontwikkelaar van wereldwijde firewall-diensten en de uitrol daarvan. Daarna heeft hij enkele jaren lesgegeven op het gebied van UNIX en Internet beveiliging bij AT Computing. In 2002 is hij toegetreden tot Madison Gurkha als partner. Naast zijn technische consultancy-activiteiten, houdt Walter zich bezig met het schrijven van artikelen en columns, het geven van lezingen en voorlichten van de pers. Walter is gecertificeerd security professional (CISSP) en security auditor (CISA).|
|Martin Knobloch (Sogeti Nederland B.V.)|
|Martin Knobloch is employed at Sogeti Netherlands as Senior Security
Consultant. He is founder and thought leader of the Sogeti task force
PaSS, Proactive Security Strategy, with an integral solution of
information security within organisation, infrastructure and software.
At OWASP, Martin is board member of the OWASP Netherlands Chapter and member of the Global Education Committee.
|Michael Sandee (Fox-IT)|
|Michael Sandee, Lead Expert Cybercrime at Fox-IT, has been working analyzing Cybercrime for over 5 years. With day-to-day analysis of malware and cybercrime activities he has developed a good understanding on how the underground economy operates and how large this market is, and also how we are affected by this every day.|
|Chen Gour-Arie (Comsec Consulting)|
|Chen Gour-Arie has years of experience in information security, with a specific expertise in application level security. Chen
has conducted projects in all areas of information security, in diverse environments, utilizing a wide range of professional tools. Some of his notable projects have focused on: complex penetration testing, comprehensive White Box audits, network security, policy and procedure formulation, manual and automated security testing, security evaluation of products, leading secure software development lifecycles, infrastructure security audits, risk assessments, PCI and PA-DSS consulting, and more.
|Location - December 2nd, 2010|
|10h00-10h15||Welcome (by Martin Knobloch and Ferdinand Vroom, OWASP NL Chapter)|
|10h15-10h45||OWASP Update (by Seba Deleersnyder, OWASP Board, SAIT Zenitel)|
|11h00-11h40|| Clickjacking: an empirical study with an automated testing/detection system (by Marco Balduzzi, Eurecom)
|11h40-12h20|| Privacy of file sharing service (by Nick Nikiforakis, Katholieke Universiteit Leuven)
|12h20-13h00|| Finding Backdoors in Code (by Matias Madou, Fortify)
|14h00-14h40|| How NOT to implement a Payback/Cashback System (by Thierry Zoller)
|14h40-15h20|| Botnets/Bredolab (by Michael Sandee, Fox-IT)
|15h20-16h00|| 0wning Networks with VoIP and Web attacks (by Radu State, University of Luxembourg)
|16h20-17h00|| The Social Networking Corporate Threat (by Chen Gour-Arie, Comsec Consulting)
|17h00-17h40|| Attacking is easy, defending is hard (by Walter Belgers, Madison Gurkha)
|17h40-17h50||Closing (by Martin Knobloch and Ferdinand Vroom, OWASP NL Chapter)|
Part of the BeNeLux OWASP Day 2010
|Overview & Goal|
|Date||Venue & Directions|
|December 1, 2010||
5612 AM Eindhoven,
How to get here:
|Price & Registration|
|COURSE'S MODULES DETAILS|
|Time||Module||Trainer||Presentation||Overview & Goal|
|10h30 (30m)||Welcome Coffee||
|11h00 (30m)||Guided tour of OWASP Projects||Sebastien Deleersnyder||Tour of OWASP’s projects||See details and Trainer's notes|
|11h30 (60m)||OWASP Top 10||Sebastien Deleersnyder||OWASP Top 10 - Issues and Remedies||See details and Trainer's notes|
|12h30 (30m)||Lunch Break||
|13h30 (45m)||Threat Risk Modeling||Martin Knobloch||Threat Modeling – how to do it||See details and Trainer's notes|
|14h15 (45m)||OWASP Testing Guide||Martin Knobloch||Application Security Using the Testing Guide||See details and Trainer's notes|
|15h00 (15m)||Coffee Break||
|15h15 (60m)||OWASP WebGoat Project||Martin Knobloch||WebGoat - Do it Yourself - QuickStart||See details and Trainer's notes|
|16h15 (60m)||OWASP Software Assurance Maturity Model||Sebastien Deleersnyder||Software Assurance Maturity Model & Secure Development Lifecycle||See details and Trainer's notes|