This month's talk will be an interesting mix of application security and the world of concryptocurrency. It will be appealing to security people, developers, cryptocurrency enthusiasts and techies.
"An Introduction to Bitcoin Security within Applications"
Bojan Simic will provide a short background into Bitcoin and how it works. He will then provide some of his firsthand experiences with the state of Bitcoin businesses with regard to security and how many individuals are (insecurely) handling their Bitcoins. These experiences will demonstrate some "hacks" that pertain to the OWASP Top 10 as well as other types of vulnerabilities. The talk will include an overview of simple security steps that individuals and businesses who are working with Bitcoin should take to in order to mitigate the chance of hackers stealing Bitcoin and Personally Identifiable Information (PII) from them and their customers.
Bojan is a security engineer in the industry as well as the founder and main contributor to the Bitcoin Security Project (https://bitcoinsecurityproject.org). The project is a free and open source resource that is dedicated to spreading security awareness across the Bitcoin community by helping individual bitcoin holders and businesses follow security best practices. These practices ensure better security of individual holders' investments and Bitcoin business customers.
Professionally, Bojan has performed hundreds of penetration tests, threat modeling, and security code reviews of different applications. These reviews identify vulnerabilities associated with software, the network software, and infrastructure they are deployed on. He also performs research in the field of web application security and teaches developer training on web application best practices, architecture, and security.
We believe this will be another great talk that will spark compelling thoughts, comments and discussion points.
Come join us at the Dupont UberOffices ( http://uberoffices.com/dupont.php ) and spread the word! Beer, soda and pizza will be served.
- The DC OWASP team -