17th March - Leeds

Location: Novotel Leeds, 4 Whitehall quay, Leeds, LS1 4HR

Schedule:

18:00 for 18:15 start

18:15 - 18:30

OWASP Chapter introduction. OWASP values. Chapter information.

OWASP Leeds Chapter Board

[[Media:Leeds17032010.ppt]]

18:30 - 19:00

Introduction to DVWA (Damn Vulnerable Web Application)

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. More information regarding Ryan and DVWA can be found on his personal blog http://www.ethicalhack3r.co.uk or on the official DVWA homepage http://www.dvwa.co.uk/

Ryan Dewhurst - Lead developer and creator of DVWA

[[Media:DVWA.ppt]]

19:00 - 19:45

Empirical Software Security Assurance

‘Empirical Software Security Assurance’ that compares and contrasts the approach to application security taken by 9 leading European companies along with practical tips that can be applied to any organisation regardless of scale.

David Anumudu - Software Security Consultant for Fortify Software EMEA

19:45 - 20:30 - (if time permits)

Attacking Web Services

Companies worldwide are deploying SOA infrastructure using web services both in intranet and extranet environments. While web services offer many advantages over traditional alternatives they are often over looked when it comes to security. This presentation hopes to educate the audience about web services and their potential vulnerabilities. Also included (technology gremlins permitting) will be some attack vector demonstrations.

Jason Alexander - OWASP Leeds Board Member.

[[Media:Attacking_Web_Services.ppt‎]]

20:30

Finish/Networking

Don't forget to RSVP via the eventbrite website. http://www.eventbrite.com/event/604010612