Viewing 0 current events matching “AppSec” by Date.

Sort By: Date Event Name, Location , Default
No events were found.

Viewing 3 past events matching “AppSec” by Date.

Sort By: Date Event Name, Location , Default
Tuesday
Jan 23
OWASP: AppSec Testing Beyond Pen Test
Jama Software (New Office)

Abstract: Most web application security testing efforts are concentrated around penetration testing which is an art based on a hacker’s psyche, thought process, and determination to exploit vulnerabilities. But, does it yield a high level of confidence and sense of security in a developer’s mind? The answer is a “maybe” especially when the bad guy is obsessed with figuring out new exploits to hack your application. The web application developers have to think about intrinsic security - that is, building security throughout the SDLC. We build applications based upon well-formed customer requirements. Why should we not, then, build our applications based upon the fundamental principles of security and then harden security from the hacker’s perspective?

Bio: Principal consultant at Gupta Consulting LLC., Bhushan Gupta is passionate about development methods and tools that yield more secure web applications especially in the agile software development environment. As a researcher he has keen interest in understanding and applying fundamental principles and known methodologies to develop dependable and secure software solutions. His interests extend to Social Engineering and Attack Surface Analysis. Bhushan worked at Hewlett-Packard for 13 years in various roles including software quality lead, engineer, software process architect, and software productivity manager. He then developed a strong interest in web application security while working as a quality engineer for Nike Inc. Bhushan has been studying various facets of web application security and promoting how to apply common sense approach to build secure solutions. He is a certified Six Sigma Black Belt (HP and ASQ) and an adjunct faculty member at the Oregon Institute of Technology in Software Engineering. To learn more about Bhushan’s contributions to SDLC, visit www.bgupta.com

Website
Monday
Feb 26
OWASP February Chapter Meeting : Jon Bottarini on Bug Bounties
Jive Software

Jon Bottarini will be presenting on bug bounties (from both a hacker and a program perspective), common mistakes in the software development lifecycle that make it easier to find bugs, and what developers can do to understand their full attack surface.

Bio:

Jon Bottarini is a Technical Program Manager at HackerOne, where he is responsible for managing the bug bounty programs for the US Department of Defense and other companies looking to leverage talent from hacker-powered security. In his free time he is also a hacker and bug bounty hunter who has reported vulnerabilities to worldwide brands and organizations such as New Relic, Apple, Google, the US Department of Defense, and many more.

Twitter: https://www.twitter.com/jon_bottarini
LinkedIn: http://www.linkedin.com/in/jonbottarini

Website
Wednesday
Oct 3
OWASP Portland 2018 Training Day
World Trade Center

For the third year in a row, the Portland OWASP chapter is proud to host our information security training day! This is be an excellent opportunity for those interested to receive top quality information security and application security training for prices far lower than normally offered. It's also a great chance to network with the local infosec community and meet those who share your interests.

OWASP Portland 2018 Training Day will be October 3, 2018.

Courses Courses will be held in two tracks: four in the morning session, and four in the afternoon session. Each participant can register for one morning course, or one afternoon course, or one of each.

The Portland OWASP chapter is hosting its 3rd annual training day. This will be an excellent opportunity for students to receive quality information security and application security training for next to nothing. It will also be a great chance to network with the local infosec community. For more information, see the main event page.

Courses are held in four tracks: four in the morning session, and four in the afternoon session. Each student can register for one morning course, or one afternoon course, or one of each!

NOTE: If you see that a course is sold out, then it is unlikely we will have any additional seats in that course. You can email ian DOT melven AT owasp.org OR benny DOT zhao AT owasp.org OR bhushan DOT Gupta AT owasp.org to request being added to the waiting list. Please be sure to specify which class(es) you want to be added to the wait list for.

OWASP Portland 2018 Training Day will be October 3, 2018. This year we'll be located at:

World Trade Center Portland 121 SW Salmon St. Portland, OR 97204. Later in the evening, a social mixer will also be held at Rock Bottom Restaurant & Brewery, just a short walk away:

206 SW Morrison St Portland, OR 97204

Time Activity 8:00 AM - 8:30 AM Morning Registration and Continental Breakfast 8:30 AM - 12:00 PM Intro to Hacking Web 3.0 (Mick Ayzenberg)

Introduction to Computer Forensics (Kris Rosenberg)

Intro to Practical Internal Vulnerability Scanning (Patterson Cake)

Incident Handling in Cloud Environment - a primer (Derek Hill)

12:00 PM - 1:30 PM Lunch on your own - Meet a new friend and grab a bite!

1:00 PM - 1:30 PM Afternoon Registration (for those attending only in the afternoon)

1:30 PM - 5:00 PM Advanced Application Security Testing (Timothy Morgan)

AppSec Testing Beyond Pen Test (Bhushan Gupta)

Applied Physical Attacks on Embedded Systems, Introductory Version (Joe FitzPatrick)

Advanced Custom Network Protocol Fuzzing (Joshua Pereyda)

5:00 PM - 7:30 PM Evening Mixer @ Rock Bottom Restaurant and Brewery

Want to get news and information on our 2018 Training Day? Subscribe to the Portland OWASP mailing list or follow @PortlandOWASP on Twitter!

Website