September 2022 OWASP Chapter Netherlands Meetup

Location: Radboud University, Huygens building, Room zaal HG00.307
Address: Heyendaalseweg 135, Nijmegen
Link: https://www.ru.nl/fnwi/faculteit/profiel/huygensgebouw

See https://owasp.org/www-chapter-netherlands/#div-upcoming for more information about the OWASP Netherlands chapter.

18:00 - 18:15 - Reception of attendees
18:15 - 19:00 - Pizza
19:00 - 19:15 - Welcome and OWASP updates
19:15 - 20:00 - The Red Cross of the Internet by Shairesh Algoe
20:00 - 20:15- Break with drinks
20:15 - 21:00 - Digitally securing The Netherlands - or convincing others to do it by Koen Sandbrink

The Red Cross of the Internet
Abstract:
Over the year 2021 the Dutch Institute for Vulnerability Disclosure (DIVD) notified a total of 86,427 IP addresses that were found to be vulnerable. Compared to 58,358 e-mails in 2020, that is a growth of more that 33%. This year we already sent out 141,078 emails.
The DIVD scans the internet for vulnerabilities and reports these to the people who can fix them. I will go into some of our recent cases, ranging from KaseyaVSA, to Log4j in 2021 and some of the 2022 highlights. Next to that you will get an introduction in how the DIVD has professionalise vulnerability disclosure and why we are allowed to somewhat break laws on computer crime and privacy.
Bio:
Shairesh Algoe is passionate about information security and tech and enjoys teaching and telling stories. He tries to keep information security simple with more than 12 years of experience and has had several security hats. From technical to leadership roles.

His day job is being a Chief Information Security Officer for TM-Pro an FinTech company provides banking as a service platform to small, medium and lager financial institutions.
Beside that he is a board member at the DIVD and responsible together with the management team for the continuity of this hacker collective that helps to clean up the internet for free within our code of conduct.

In his other spare time, he is also an entrepreneur who delivers security products and services to multiple companies. He is also a speaker and teaches students about information security and quantum technology.

Digitally securing The Netherlands - or convincing others to do it
Abstract:
NCSC-NL has a clear mission: to make The Netherlands digitally secure. To achieve this, we need to understand what's going on and connect all the relevant parties to exchange knowledge and provide a perspective for action, hopefully to prevent digital disruptions. But the NCSC does not own or control any part of the internet. We do not have actual buttons to push or knobs to turn. We need to make others do this for the greater good. Let's take a dive into the efforts of the NCSC to help assess digital risks, help resolve vulnerabilities in systems and help respond to incidents.
Bio:
Koen Sandbrink is a cyber security advisor for the National Cyber Security Centre of The Netherlands (NCSC-NL). Originally educated to make IT, he started his career as a security tester to break IT. In the following decade, he has seen too many things gone wrong and has developed a few opinions on how not to do those things anymore. Koen likes trains, architecture and classical music and is also convinced that Ludwig van Beethoven was a hacker.