16th june Leeds

Date: Wednesday 16th June

RSVP your ticket for this event here http://www.eventbrite.com/event/708377777

Location: Lecture Room EBA102A, Ellison Building, School of Applied Sciences, Northumbria University, Newcastle upon Tyne, NE1 8ST

The venue is being kindly provided by Northumbria University, an OWASP education sponsor. http://www.northumbria.ac.uk

Schedule: 18:00 for 18:20 start

18:20 - 18:30

OWASP Chapter introduction. OWASP values. Chapter information.

Jason Alexander - OWASP Leeds/Northern Chapter Board Member

18:30 - 18:50

ENISA Common Assurance Maturity Model

OWASP is contributing to the development of an international information assurance framework, principally aimed at identifying a set of security controls mapped to maturity levels for cloud computing services. The framework has been split into a number of domains and OWASP's contributors are working on the o "software development" domain. The presentation will discuss the project, work to-date on the maturity model and how this relates to OWASP SAMM.

Colin Watson - Technical Director at Watson Hall Ltd and Global Industry Committee Member at OWASP Foundation

18:50 - 19:20

Open Source Security Myths

(details to follow)

David Anumudu - Software Security Consultant for Fortify Software EMEA

19:20 - 20:05

SSL/TLS - Just when you thought it was safe to return

2009 was a serious year in breaking secure protocols. SSL/TLS was no different. Hacking SSL/TLS has a big return as a blackhat hacker, once you penetrate a corporate network, stealing login details and passwords are just the beginning. SSL VPN's can also be vulnerable to a number of attacks. There are a number of tools and techniques that are readily available that can make defeating SSL/TLS both simple and well within the reach of the unauthorized attackers.The talk focuses on the research and tools of Moxie Marlinspike, who has gained an excellent reputation as an independent security research. With some interesting attack vectors, you'll be surprised at the results one can achieve.

Arron Finnon - www.finux.co.uk

20:05 - 20:30

OWASP AppSensor - The Self-Aware Web Application

An overview of the AppSensor project which defines a conceptual framework and methodology on the implementation of an application layer intrusion detection and automated response system within a web application.

Colin Watson - Technical Director at Watson Hall Ltd and Global Industry Committee Member at OWASP Foundation