Free

OWASP London Chapter Meeting - Thursday 26th April 2018 6:30pm

Location

Ernst & Young LLP

1 More London Riverside

London

SE1 2AF

United Kingdom

Event description

This event is kindly hosted and sponsored by EY (Ernst & Young LLP)

Location: EY, 1 More London Riverside, London, SE1 2AF (please note: there are two EY offices on the same street, No 1 and No 6; the event will take place at Number 1 More Place)

Nearest Tube: London Bridge (5-minute walk)

Doors open at 6:00pm for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time).

TALKS:

OWASP Introduction, Welcome and News - Sam Stepanyan, Sherif Mansour & Greg Fragkos

Welcome and a brief update on OWASP Projects & Events from the OWASP London Chapter Leaders and a Welcome from Ian McCaw, Associate Partner, Operational Transaction Services, EY.

"SCADA and Other Dangerous Things" - Professor Andrew Blyth

This talk will discuss a forensic readiness approach to SCADA and IPCS. Through a series of case studies we will discuss forensic requirements as they relate to SCADA and IPCS. We will also define a forensic readiness model in response to these requirements.

Lightning Talk: "Introducing Remediate the Flag: a Hands-On AppSec Training Platform" - Andrea Scaduto

Developers aren’t born knowing how to code securely, and AppSec training often lacks practical examples.
This talk introduces RTF, an open source AppSec training platform that offers hands-on exploitation, remediation, and secure coding exercises.

"Is There Room for SecArch in DevSecOps?" - Dimitrios Petropoulos

If security is (still?) an afterthought, is shifting security to the left with automation enough for DevSecOps to deliver on its promises in the era of software at the speed of thought?

Lightning Talk: "Security Testing Automation via Jenkins and Threadfix" - Lucian Corlan & Nikos Savvidis

This lightning talk will show you how we have architected and configured our Security Jenkins pipeline to perform security tests, how Threadfix helps to achieve automation (use cases), and how Security Champions can help to achieve the above.

SPEAKERS:

Andrew Blyth
Professor Andrew Blyth received his PhD in Computer Science in 1995 at Newcastle University, UK. He is currently director of the Cyber Defence Centre at the University of South Wales. Over the past twenty years he has spent much of his time working and publishing in the area of computer forensics and Computer Network Defence. Andrew and his Information Security Research Group have delivered ground-breaking work in the area of computer network defence over the years. He has published numerous conference/journal papers in the areas of computer network defence and computer forensics, with key highlights including: a) the first forensic analysis of games consoles such as the X-Box and Play-Station, b) the first forensic analysis of automobile engine management systems and c) the development and deployment of forensic capability in automobile engine management systems and SCADA/IPCS. In addition, Professor Blyth is also lead examiner for the GCHQ accredited Tiger Scheme. He is the author of the "Information Assurance: Surviving in the Information Environment" book that has become the cornerstone of knowledge for every Information Security professional in the past 15 years. Many well-known security professionals and cybersecurity experts across different industries worldwide have been taught and trained under his watch over the past 20 years. (@ajcblyth)

Dimitrios Petropoulos
Over the last thirty years, Dimitrios Petropoulos has been developing security middleware, designing enterprise security architectures, performing security R&D, conducting technical security assessments and advising on security strategy across EMEA. He is currently a Principal for DXC's Security Advisory practice.

Andrea Scaduto
Andrea is a Penetration Tester and Software Engineer. He specialises in Web/Mobile application security and development, and he has in-depth experience in defensive techniques for secure coding, aiming at the optimisation of costs in addressing security issues.

Lucian Corlan
Lucian is a Director of Application Security at SagePay. Lucian holds a number of security certifications – MSc ITSec, MA Security Studies, CISSP, CSSLP (a), CISM, CISA, CEH, OSCP, SABSA Foundation – and has previously worked for Betfair in the InfoSec/AppSec Manager and Acting Head of AppSec roles. Lucian has also led one of the Romanian OWASP Chapters and is still involved in OWASP. Before that he worked for several multi-national organisations in the banking (chip card security & app security) and telecom (infra & app security) sectors. If there’s any free time left, he spends it meddling with astronomy (planetary & galactic), reading philosophy/crypto detective books and dissecting bits of geo-economy politics.

Nikos Savvidis
Software engineer with a strong interest in application security and embedding security in the SDLC, having previous experience in companies ranging from a start-up with 15 employees, to a big enterprise with >10k employees.

TICKETS

This event is free to attend for both members and non-members of OWASP and is open to anyone interested in web application and cyber security. Please note that you MUST book your place to be admitted to the event by the building security - your name will be checked against the guest list.
