June 2018 OWASP Chapter Netherlands Meetup

Program:
18:30 - 19:00 Drinks and pizzas, sponsored by Nixu
19:00 - 19:15 Welcome, OWASP update
19:15 - 20:00: Building a Security ‘Culture’ by Gareth O’Sullivan
20:15 - 21:00: Building secure software with OWASP tools and guides by Martin Knobloch
21:00 - Closing

Vergader Inn
Croeselaan 207
3521 BN Utrecht

Building a Security ‘Culture’ Rushing Towards Digital Transformation Breaches. Despite significant investments in security technology and processes, attackers still gain access to protected data on a regular basis. IT builds higher and higher walls around the locations where data lives but attacks persist. Mass migration to cloud computing has improved scalability, lowered costs, and freed IT from having to manage the application environment. However, this means cloud becomes a target for attackers, and it becomes more risky to store sensitive data there. BYOD makes users’ devices a target as well. Obviously from a security standpoint, the greater number of devices there are to manage, the greater the risk of attack. What to do, and where to start?

Gareth O’Sullivan Lead Technology Research Consultant at Genomics Medicine Ireland, a company helping map the Irish Genome & recently established as Managing Director of Progress Distribution Ireland a leading EMEA Cyber Security distributor. Gareth is an IT Security Executive with 20 years’ experience in the software industry, 13 of which have been security focused. Previously Snr Director of Solutions Architecture at WhiteHat Security covering EMEA plus similar roles in the past with IBM & Watchfire. Technical, Compliance and Commercially focused so enjoy engaging with technology but also like to build teams, conducting business development, sales channel development & pipeline generation.

Building secure software with OWASP tools and guides All know the OWASP TopTen, some one or more other projects. The problem is, where the wiki is good to archive the project information, it is hard to find information if you don't know what you are looking for. Therefore, only a few have a broader understanding of projects (being tools or guides) you can use in your software development lifecycle, even before, to create more secure software. This talk is highlighting various OWASP projects taking you from CISO policies, security requirements to building and secure software and verifying the security level.

Martin Knobloch is security consultant at Xebia.com. His main working area is (software) security in general, from awareness to implementation. In his daily work, he is responsible for education in application security matters, advise and implementation of application security measures. With his background in Java Development, he understands the complexity of Enterprise software development, Agile Scrum environments and continuous delivery / deployment.