Free

Bristol Regional Meeting - 28th September 2017

Event Information

Share this event

Date and Time

Location

Location

Grant Thornton

Hartwell House

55-61 Victoria Street

Bristol

BS1 6AD

United Kingdom

View Map

Friends Who Are Going
Event description

Description

ISSA-UK Bristol Regional Meeting, partnering with OWASP

Explore the many ways we can hack an (intentionally) insecure website and how to fix the problems.

Learn about threat modelling used in Secure Development Lifecycles and how to use Threat Dragon modelling tool.

Agenda:

• 6:30 pm - Social, refreshments and pizza

• 6:55 pm - OWASP update

• 7:00 pm - Presentation 1: Let's hack a website - Craig Francis

• 8:00 pm - Presentation 2: A short introduction to Threat Modelling - Jon Gadsden

Presentation 1: Let's hack a website

Abstract: We will look at the most (intentionally) insecure website ever created, and work out how many ways we can hack it - discussing each approach, with a quick demo, along with ways to fix the problems.

Bio: I'm Craig Francis, and I've been creating websites for a while (let's just say that I once considered IE6 a good thing). Those websites help businesses operate on a daily basis (invoices, diaries, reports, etc), and operate with Security, Performance, and Accessibility in mind. From a security point of view, I created the first website to gain 130 points on the Mozilla Observatory.


Presentation 2: "A short introduction to Threat Modelling

Abstract: This short introduction will provide an overview of threat modelling used in Secure Development Lifecycles, and covers:

• Threat Models

• The tools used to create them

• Why they are useful

• Open source Threat Dragon

• How to get involved

Bio: Jon is an embedded C/C++ engineer who specialises in product security and secure development lifecycle activities. For the last few years he has been a security advocate at Cisco, a role which requires interest and knowledge of secure development along with a hefty dose of tact. Jon tends to enjoy threat modeling more than static analysis, and penetration testing more than security baselines ... but it is all good.

In his spare time he likes to help organise security conferences and contribute to open source projects - the latest being the OWASP Threat Dragon modelling tool.

Networking & Refreshments

- Drinks & light refreshments sponsored by ISSA-UK & OWASP
- Kindly hosted by Grant Thornton




Share with friends

Date and Time

Location

Grant Thornton

Hartwell House

55-61 Victoria Street

Bristol

BS1 6AD

United Kingdom

View Map

Save This Event

Event Saved