OWASP Belfast September meetup

Hello OWASP Belfast!

We are delighted to announce our next hybrid event for 2023 with an exciting lineup of talks from local industry leaders. The Meet up will be in partnership with ESO, who have also kindly offered to host the evening and provide pizza, beers, and soft drinks for everyone.

Date: 28th September 2023

Time: 6.00 PM

Location: ESO, 42 Fountain St, Belfast BT1 5EF.

Zoom Link: https://eso.zoom.us/j/95951081970?from=addon

First, we will share an example of how identifying and assessing an attack on an application was used to gain insights into attacker behavior, and how invaluable this can prove in informing future actionable steps to prevent exposure. Next, we will present an overview of the key vulnerabilities associated with the use of social media in business and how easy it is to experience a breach when you do not have the correct policies and procedures in place. We will then delve into the world of ethical hacking, exploring the most common "low-hanging fruit" issues encountered over the past year. We will focus on prevalent vulnerabilities like HTML injection, Insecure Direct Object References (IDOR), and authentication flaws. Finally, we will finish with a technical talk from Ciaran from Rapid 7 who will take you through software supply chain software issues – malicious attackers, unsuitable licenses, and deprecated code which can all lead to problems in stuff that used to "just work". He will talk about how (despite what sales teams might tell you) there’s no single simple solution to this and show you how to manage your risk in an achievable way.

Agenda:

6.00 - 6.20 Networking & Food

6.20 - 6.30 Welcome to ESO Finian / Sarah

6:40 - 7:00 Talk 1: "The Safety Law of An Idiot Next to You" by Tanya Vacarda

7:00– 7:20 Talk 2: "From Likes to Leaks: Understanding the Security Risks of Social Media" by Anne-Marie O'Donnell

7:20 – 7:30 BREAK (10 min)

7:30 – 7:50 Talk 3: "Hacking For Devs: Bridging the Gap Between Developers and Hackers" by Jacob Steadman

7:50 – 8:10 Talk 4 "A Pragmatic Approach to Software Supply Chain Security" by Ciaran Conliffe

8.10 - 8.30 Networking and Exit

Disclaimer

As always, our events are designed to educate. Any tools and techniques demonstrated are for informative purposes only. We do not endorse their use for malicious purposes.

OWASP, the Open Web Application Security Project, is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. So come along to Belfast chapter meetings if you would like to hear about, or share information with the community on how to ethically hack your own systems, how to defend your applications, and how to build security into your applications. Chapter meetings also provide a great opportunity to meet like-minded people with similar interests for general discussion, chit-chat, and banter!

Speaker Info:

Tanya Vacarda - Allstate NI, Sr. Consultant https://www.linkedin.com/in/tanyavacarda/

Jacob Steadman- Vertical Structure Ltd, Ethical Hacker/Lead Penetration Tester https://www.linkedin.com/in/jacob-steadman-08b17395/

Anne-Marie O'Donnell, BH Consulting Ltd, Cybersecurity Consultant https://www.linkedin.com/in/anne-marie-o-donnell-71536411a/

Ciaran Conliffe, Security Architect, Rapid7 https://www.linkedin.com/in/ciaran-conliffe-7133843a/

Additional Information

ESO is located between Waterstones bookshop and the back of Boots in Belfast city center. They have two working lifts. ESO employees will be at the door to welcome attendees and show them to the meetup space.