OWASP London Chapter Meeting, Thursday 29th September 2016, 6:30pm
Free
OWASP London Chapter Meeting, Thursday 29th September 2016, 6:30pm

OWASP London Chapter Meeting, Thursday 29th September 2016, 6:30pm

Event Information

Share this event
Date and Time
Location
Location

Skype(Microsoft) London

2 Waterhouse Square

140 Holborn

London, United Kingdom

View Map

Event description

Description

Event Details

This event is kindly sponsored and hosted by Skype (Microsoft).

Doors Open at 6pm, the talks start at 6:30pm (we start on time).


Talks:

  • Introduction and OWASP News -  Sam Stepanyan and Sherif Mansour
    Welcome and OWASP updates from the OWASP London Chapter Leaders

  • The Thermostat, the Hacker, and the Malware - Ken Munro and Andrew Tierney
    Following the PoC thermostat ransomware Ken Munro and Andrew Tierney performed at DefCon 24, this presentation digs even deeper into IoT devices and their apps. Staying with the thermostat Ken and Andrew will walk through the ransomware attack and then move onto general malware - which has no easy method for detection. Even when firewalled these devices are still vulnerable to local attacks so we’ll show you how you can achieve a compromise. We’ll also take a look at CSRF spraying, IoT gear in public areas, supply chain tampering, and malicious firmware updates.

  •  Using Tests To Attack and Defend Node.js Applications - Dinis Cruz
    Abstract TBC

Speakers:

Ken Munro

Ken Munro is a successful entrepreneur and is founder and partner in Pen Test Partners, a partnership of like-minded professional penetration testers all of whom have a stake in the business. He takes a key role in conducting investigations as well as encouraging team members to pursue their own research, the results of which are published on the company blog and in the wider media. Ken has a wealth of experience in penetration testing but it’s the systems and objects we come into contact with on an everyday basis that really pique his interest. This has seen him hack everything from hotel keycards, to cars and a range of Internet of Things (IoT) devices, from wearable tech to children’s toys (Cayla) and smart home control systems. Ken has been in the infosecurity business for 15 years.

Andrew Tierney

Andrew Tierney is a security consultant at Pen Test Partners. Prior to this he gained notoriety for his blog where he documented his findings regarding embedded systems such as routers, intruder alarms, thermostats, IP cameras, and DVRs. He expanded his skills into the realms of IoT web applications and mobile applications before joining the team. With a background in electronic engineering, Andrew employs some novel techniques for attacking embedded systems, such as simple and differential power analysis, firmware recovery, and glitching attacks. He has experience in both writing and disassembling a multiple of architectures, including ARM, MIPS, x86, AVR, and PIC, he is capable of reverse engineering a wide spectrum of devices from the smallest 8bit microcontoller up to the latest Android phones.

Dinis Cruz

Dinis Cruz is a renowned application security expert who is passionate about creating Application Security teams and providing Application Security assurance across the Software Development Lifecycle (from development, to operations, to business processes, to board-level decisions). His focus is in the alignment of the business’s risk appetite with the reality created by internally developed applications. He is also an active Developer and Application Security Engineer. A key drive of his is to 'Automate Application Security Knowledge and Workflows' which is the main concept behind the OWASP O2 Platform.

RSVP

This event is free to attend for both members and non-members of OWASP and is open to anyone interested in web application and information security. Please note that you MUST book your place to be admitted to the event by the building security. 

Share with friends
Date and Time
Location

Skype(Microsoft) London

2 Waterhouse Square

140 Holborn

London, United Kingdom

View Map

Save This Event

Event Saved