OWASP Dublin - Realex Payments Application Security Workshop
Thursday, May 30, 2013 from 1:30 PM to 8:00 PM (PDT)
I’m happy to announce that we will be hosting an OWASP Dublin https://www.owasp.org/index.php/Ireland-Dublin chapter event in the Realex Payments Dublin office later this month. I gave my first OWASP Dublin talk nearly five years ago so I’m delighted to say we are going to host an exciting chapter event!
The chapter will be offering free application security training followed by two interesting security talks in the evening. This is similar to the format we have used for our application security workshops so I hope people find the training and talks useful!
Eoin Keary will be delivering free application security training between 2pm and 5pm on the 30th May. Eoin was the founder of OWASP Ireland and is currently the global vice chair for OWASP (amongst many other things! https://www.owasp.org/index.php/Eoin_Keary). He has delivered application security training to many developers and security professionals around the world and recently delivered a training course to over 400 people at the RSA Conference.
The training will focus on secure application development and why we can't hack ourselves secure. It will be covering why penetration testing on its own does not work approaches to improvement including "knowing what you don't know" and how to measure change.
It will be technical training covering XSS eradication, client side security and browser DOM curiosities.
The talks will be starting at 6pm in our office and OWASP have arranged two very interesting talks! Diarmaid McManus https://twitter.com/elephant_rb from Realex Payments will be expanding his award winning SecurityBSides London Rookie Track talk https://www.securityninja.co.uk/application-security/securitybsides-london-esp-security-plugin/ to include more details about static analysis approaches and his research and development work on ESP: Security Plugin https://github.com/diarmaid-mcmanus/ESPSecurityPlugin.
Hugh Pearse https://twitter.com/hughpearse will be talking about Low Level Exploits and this looks like it will be a great talk:
“In 2010 Mr Haroon Meer from thinkst.com presented a timeline of memory corruption vulnerabilities and their mitigation techniques dating from 1985 to 2010. In his 35 page publication he referenced almost 150 events in low level information security history. The scope of the presentation "Low Level Exploits" is to explain in detail some of the most significant attacks in from Haroon Meers research. The attacks covered in this presentation include buffer overflows on the stack, heap overflows, integer overflows, format strings, null pointers and ROP chains. This brings us to exploits in the present day where researchers are looking for the successor of the buffer overflow attack, next big exploit.”
When and where?
The training and talks will be held in our Dublin office (address and map can be found here http://www.realexpayments.com/about-realex/our-office-locations) on the 30th May. The training will start at 2pm so please aim to get to our office for 13:30 at the latest. The first talk will start at 6pm so please aim to get to our office for 17:30 at the latest.
How do I register for the training and the talks?
You can sign up on this page. We do have a limited number of places available for both the training and the talks so sign up early to avoid disappointment!If you would like to attend both the training then please select both tickets types.
We hope to see you in the Realex Payments office for OWASP Dublin on the 30th May!