OWASP Hyderabad

Welcome to the OWASP Hyderabad chapter homepage. The chapter board is Raj Shalem, Rajesh Gopal and Saikrishna Gobburi. Follow chapter news on Facebook | Twitter

OWASP Hyderabad Chapter Events:

Call For Speakers

Call For Speakers is open. If you would like to present a talk on Application Security at future OWASP Hyderabad Chapter events, please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leaders via e-mail: Hyderabad Leaders



## 2024 Meetings

October OWASP Meet

OWASP Hyderabad Chapter October month meetup

We are excited to invite you to the upcoming OWASP Hyderabad Local Chapter Meeting in collaboration with ORBCOMM. This event is going to be an on-campus event bringing together cybersecurity enthusiasts, professionals, and experts to discuss the latest trends, best practices, and advancements in Application security.

Event Details:

Date: 5th Oct 2024

Time: Starts at 10:00 am IST

Location: ORBCOMM, The Platina, Banjara Basthi, Jayabheri Enclave, Gachibowli, Hyderabad, Telangana 500032

Agenda Highlights:

  • 9:30 AM to 10:00 AM - Check-in for registered attendees for the meetup at the ORBCOMM office
  • 10:00 AM to 10:10 AM - Keynote address and welcome by the OWASP core team
  • 10:15 AM to 10:30 AM - Keynote address by the ORBCOMM leadership team
  • 10:30 AM to 11:30 AM - Session 1: Introduction to DevSecOps and Container Security. Saikrishna Gobburi, Co-Chapter Lead for OWASP Hyderabad, has around 13 years of experience in DevOps/SRE and SecOps practices.
  • Break/Networking
  • 11:45 AM to 12:45 PM - Session 2: Exploiting XXE and Remediation. SM Krishna Reddy Padala is a Principal Cloud Security Consultant with OpenText, has 15+ years of experience in Application Security and Penetration Testing, and is also a certified OSCP professional.
  • 12:45 PM to 13:00 PM - Q&A and closing notes

Our guest speakers and facilitators are industry specialists who will share their insights, experiences, and knowledge to help you stay updated on the latest security practices and vulnerabilities.

August OWASP Meet

We are excited to invite you to the upcoming OWASP Hyderabad Local Chapter Meeting in collaboration with OpenText. This event is going to be an on-campus event bringing together cybersecurity enthusiasts, professionals, and experts to discuss the latest trends, best practices, and advancements in AppSec.

Event Details:

Date: 10th Aug 2024

Time: Starts at 10:00 am IST

Location: Unit No. 301, 3rd Floor, Building 14, Mind Space IT Park, HITEC City, Madhapur, Hyderabad, Telangana 500081

Agenda Highlights:

  • 9:30 AM to 10:00 AM - Check-in for registered attendees for the meetup at the OpenText campus
  • 10:00 AM to 10:10 AM - Keynote address and welcome by the OWASP core team
  • 10:15 AM to 10:30 AM - Keynote address by the OpenText leadership team
  • 10:30 AM to 11:30 AM - Session 1: AI / LLM Pentesting, OWASP top 10 risks for AI/LLM, by Sai dutt Mekala (OpenText). Sai is an Application Security enthusiast with a diverse skill set and deep interests in various facets of cybersecurity like network, cloud and AI/LLM. His expertise includes Secure Code Review, DAST, Threat Modelling, Penetration Testing, Supply chain security etc. His regular routine is recommending effective remediations to development teams, conducting thorough research on CVEs, performing architecture reviews, and implementing robust dependency scanning practices. He is also a part-time bug bounty hunter on HackerOne with 75+ valid submissions to multiple organizations.
  • Break/Networking
  • 11:45 AM to 12:45 PM - Session 2: Security and Privacy by Design – A practical guide for Healthcare Domain, by Bidesh (Innominds)
  • 12:45 PM to 13:00 PM - Q&A and closing notes

Our guest speakers and facilitators are industry specialists who will share their insights, experiences, and knowledge to help you stay updated on the latest security practices and vulnerabilities.

February OWASP Meet

Welcome and Intro: OWASP Team

Topic by Expert: Mobile Security Framework - MobSF

MobSF is an automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers identify security vulnerabilities, malicious behaviors and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario-based test/fuzz cases against the application.

Ajin will cover the following in this session:

  • Walk through of the latest Static Analysis features
  • Brand new MobSF iOS Dynamic Analyzer
  • Analyzing and Defeating an Android ransomware at Runtime
  • Solving Mobile app CTF challenges
  • Adding MobSF to your CI/CD pipeline

Speaker Profile:

An expert on Computer Security and Applied Security Research, and author of some of the well-known open source security tools like:

  • Mobile Security Framework - MobSF, an automated pentesting platform for mobile applications
  • OWASP Xenotix XSS Exploit Framework, an advanced cross site scripting detection and exploitation framework
  • Droid Application Fuzz Framework, an Android browser PDF fuzzing framework
  • nodejsscan, a semantic aware SAST for Node.js web applications

OWASP Xenotix and MobSF by Ajin have been among the Top 10 Security Tools by ToolsWatch for the years 2013, 2014, 2016 and 2017. He has regularly published security research at notable security conferences around the globe including BlackHat Europe, BlackHat Asia, Hack In the Box, OWASP AppSec AsiaPac, OWASP AppSec EU, Nullcon, ClubHack, Sacon, c0c0n, Ground Zero Summit, Hack In Paris, and PHDays.


Past Events


## 2021 Meetings

August OWASP Meet

OWASP Hyderabad Chapter August month meetup

The following talks are lined up for the day :

  1. Overview of DLT and DeFi Vulnerabilities - Dr David Utzke

This session will cover various attack vectors on distributed ledgers and DeFi DApps such as node network, smart contract, and oracle vulnerabilities.

About Dr. David: A consultative thought leader in distributed ledger technology, digital assets, DeFi, Smart City Technology Integration Design, alternative payment systems, and crime prevention. Dr. David Utzke has spent the past 30 years in the digital asset and distributed ledger ecosystem as a researcher, academic, and user.

  2. DevSecOps build Failure enablement with PowerShell - Mr. Krishna Reddy Padala

About Mr. Krishna Reddy Padala: 12+ years of experience with Application Security, Source Code Reviews, Network Vulnerability Assessments and DevSecOps. He is OSCP, CISM and AWS Security Specialty certified, holds a Masters in Technology (CSE), and helps companies secure their data, code and applications with Fortify on Demand. He is currently working as a Technical Solutions Consultant at Micro Focus.

April OWASP Meet

OWASP Hyderabad Chapter (https://owasp.org/www-chapter-hyderabad/) April 2021 month meetup

Registration Link : OWASP Hyderabad Chapter Meet - April Meetup

The following talks are lined up for the day :

  1. Often Missed Critical Vulnerabilities - Mr. Sarwar Jahan

This talk intends to cover the various critical vulnerabilities which are often missed by internal security testers and developers.

There exist many critical security flaws which cost the target application/organization a huge amount of money as well as reputation damage. The talk explains such critical vulnerabilities and the steps for identifying them.

About the speaker: Sarwar Jahan is Associate Manager - Information Security working for Gainsight. He has presented sessions in the OWASP security community and Null.

Sarwar works significantly on leading Bug Bounty platforms and also participates in Ethical Hacking community activities.

  2. Cloud security, past, present and future - Mr. Prashanth Kumar

The talk is intended to cover the aspects of Cloud Security. Cloud security, past, present and future.

  • different security controls

  • security and privacy

  • Data security

  • Different encryption modes cloud offers

  • compliance

  • finally future security

About the speaker: Mr. Prashanth Kumar has 17+ years’ experience in IT. Started my career as a developer and then moved on to different roles such as Technical Lead & Technical Architect. Holds different Microsoft/Citrix certifications and is a trained “Microsoft Certified Trainer”.

Currently associated with a Fortune 100 global retail giant as Cloud Architect/Bigdata Lead, focusing more on Microsoft Azure and Google Cloud, comprising network, architecture, security, compliance etc.

Also provides consulting and conducts web sessions for the tech community, primarily on Microsoft Azure.

## Feb - 2020 - OWASP Hyderabad Meetup

Organized by : OWASP Hyderabad

Date : 15/Feb/2020

Event : 10.00 AM to 03.00 PM IST

Venue : OpsRamp Hyderabad, 1st & 4th Floor, Plot No. 20, Survey #12, Legend Platinum, Kothaguda, Kondapur, Hyderabad, TS 500084, India

Phone: 040-48500563, 040-48554949

Agenda:

Strengthening the cybersecurity defences using MITRE Attack Framework

About speaker: Sartaj is a Security Advisor and Pentester. He has around 8+ years of experience and is actively involved with projects including Threat Modelling and Secure SDLC. He is mainly working on Cloud Security with a primary focus on AWS and Azure.

Automate and Exploit multi-step chained attacks for web applications

About Speaker: Aqeel aka Ciph3r00t is a passionate Information Security Analyst with an overall 7+ years of hands-on offensive security experience. He holds OSCP, CEH and a Masters’ degree in Computer Science & Engineering. He specializes in Web, Mobile & Cloud Applications pentesting, Code Reviews and Network Security Testing. He has also been acknowledged by many globally renowned organizations including Apple, Microsoft, Google, SANS Inst, CERT-EU, Dell, SAP, Eset, Intel, LinkedIn, TrendMicro, Amazon, Blackberry, NASA and the Department of Defense U.S. for reporting security vulnerabilities.

SaaS Security

PMV Krishna Reddy is an Information Security Engineer (Level 2) at OpsRamp. He has 6+ years of experience in the field of Information Security. He is a Post Graduate from Vels University, Chennai.

Jibin Jacob is an Application Security Engineer at OpsRamp. He has 2+ years of experience in the field of Application Security. He holds a B Tech in Computer Science from Mahatma Gandhi University, Kottayam.

Nov - 2019 - OWASP Day Workshop

Organized by : Salesforce India Private Limited

Date : 23/Nov/2019

Event : 10.00 AM to 06.00 PM IST

Venue : Salesforce India Private Limited Block 5, DivyaSree Orion IT/ITES SEZ Survey 66/1 Panmakhta, Raidurg Village Serilingampally Mandal, Ranga Reddy District Hyderabad 500 032 India

Registration Link: https://www.meraevents.com/previewevent?view=preview&eventId=218015

Session Details: OWASP Day workshop by Dr. Philippe De Ryck

Founder of Pragmatic Web Security, Google Developer Expert

Social media profiles of Speaker :

Twitter: https://twitter.com/PhilippeDeRyck

LinkedIn: https://www.linkedin.com/in/PhilippeDeRyck/

Github: https://github.com/philippederyck/

Agenda :

Welcome and Overview by OWASP Core Team

Welcome note by Salesforce Information Security team

  • The security model of the web
  • Security fundamentals for HTTP applications
  • Lab sessions
  • Server-side Injection vulnerabilities
  • Lunch Break
  • Understanding XSS attacks and defenses
  • Lab sessions
  • Q&A and conclusion
  • Vote of Thanks
  • Closing: Network Business / Announce Next Meeting – By OWASP Team
  • Meeting Concludes: Network Social

Directions to Venue: Google Map Link

Aug - 2019 - One-Day Conference

Organized by : Broadridge Financial Solutions (India) Private Limited

Date : 31/Aug/2019

Timings : 9.00 AM Registration starts

Event : 10.00 AM to 06.00 PM IST

Venue : Broadridge Financial Solutions (India) Private Limited, Adjacent to Cyber Towers, Hi-Tec City, Madhapur | Hyderabad 500081 Telangana

Registration Link: https://www.meraevents.com/event/owasp-hyderabad-august-meet-2019

Registration & Networking

Welcome and Overview by OWASP Core Team : Welcome note by Broadridge Team

Azure Secure DevOps Kit (AzSK) – By Sartaj Shaik : Sartaj is a pen-tester and security adviser with 6+ years of experience in bug bounty and security advisory work, associated with HCL and Aveva. A motivational speaker and MCU enthusiast (inspired by Iron Man).

Refreshments / Tea Break

IOT (Internet of Things) Security (WiFi and Bluetooth hooks) – By Satish Rao : Satish Rao is an IoT enthusiast. He has an M.Tech in Computer Science and works at Oracle India Pvt Ltd in the role of Security Program Manager, with 14 years of software industry experience. LinkedIn : https://www.linkedin.com/in/satishraop/

Secure Code Review – By Raghav : Raghav has over 11 years of experience in Development and Application Security. In his current role at Broadridge he has been involved in vulnerability assessments, secure code reviews, design reviews, providing remediation support and mentoring. He also conducted several security awareness sessions to the development community.

Networking Lunch

AndroGoat in Kotlin (A damn vulnerable mobile App) – By Satish Patnayak : 9 years of broad industry experience; Information Security Consultant, researcher, bug bounty hunter and blogger. AndroGoat was developed by Satish, who dedicated the app to OWASP. Twitter : @satish_patnayak

Refreshments / Tea Break

Third Party Libraries - Impact and Analysis – By Niranjan T, Sarwar J

Speakers Profile:

a) Niranjan T is working as a Technology Lead at Broadridge, with 7 years of experience in multiple security domains such as Application Security, Infrastructure Security, Mobile Security etc.

b) Sarwar J is working as a Senior Product Security Analyst at Broadridge, and is passionate about learning and sharing knowledge with the AppSec community.

Vote of Thanks

Closing: Network Business / Announce Next Meeting – By OWASP Team

Meeting Concludes: Network Social

Mar - 2019 - One-Day Conference

Organized by : S&P Global

Date : 09/Mar/2019

Timings : 9.00 AM Registration starts

Event : 10.00 AM to 06.00 PM IST

Venue : @Ness Software Engineering Services India LLP, 4th Floor, Block 5, East Tower, North Wing, Divyasree NSL Infrastructure Pvt, Sy No. 66/1, Raidurgam Village, Serlingampally Mandal, RR Dist, Hyderabad-500032, Telangana, India

Registration Link: https://www.meraevents.com/event/owasp-hyderabad-chapter-march-2019-oneday-meet-by-sandp-global

Registration & Networking

Welcome and Overview by OWASP Core Team:

Felicitation to Guest of Honor: G Janaki Sharmila - Dy. Commissioner of Police - Crime

http://www.cyberabadpolice.gov.in/crime-wing/dcp-crimes.html

Welcome note by S&P Global Team

Authentication in API, Microservices Architecture and Cloud Security – By Varun Kumar Srivastava:

Varun is a Principal Engineer with 9+ years of experience in developing and securing web applications, and expertise in Application Security and Identity and Access Management. He is a computer science graduate from IIT.

Refreshments / Tea Break

Panel Discussion (Cybersecurity Readiness – Maturity and Capability)

Dr. Bheemarjuna Reddy Tamma - Associate Professor, IIT Hyderabad - https://www.iith.ac.in/~tbr/

Dr. V. Radha, Associate Professor, Institute for Development and Research in Banking Technology (IDRBT) - http://idrbt.ac.in/vradha.html

Mr. Veeraindhra Dinker, Director Information Security at GSS Infotech Hyderabad - https://www.linkedin.com/in/vdinker

Mr. Venu Rao , Founder and CEO - We Secure App - https://www.linkedin.com/in/venu-rao-wsa

Networking Lunch

Registrations for Onsite Hackathon by Secure Code Warrior

Executive Briefing: Secure Software Development – By Satish Kumar Vadlakonda: Satish is an Associate Director with 12+ years of broad industry experience in software design, architecture and development. He specializes in Web and Windows application development, with a strong acquaintance with the best practices of Agile, UX, UI and Information Security.

An Introduction to IOT firmware analysis and Security – By Vivek Rengarajan:

Vivek is a cybersecurity team leader in a multinational bank with almost 18 years of experience. He has held varied roles in his career and has been a cyber security enthusiast for a long time. His areas of interest include mobile and IoT security, malware analysis, reverse engineering and exploit development. He tweets at @vivek_310

Refreshments / Tea Break

Onsite Hackathon (CTF) by Secure Code Warrior: (3 Hours)

Secure Code Warrior is a global security company that makes software development better and more secure: Gamified competitive Developer Quality Assurance platform

https://securecodewarrior.com , https://insights.securecodewarrior.com

Announcement of the winners and Prize distribution:

Participants can form groups of up to 3 members each or can participate individually.

Watch as you climb to the top of the leaderboard and be crowned the ‘Secure Code Warrior.’ We are giving away the following prizes:

  • 1st - 3x t-shirt, Rs. 3001 Amazon voucher each from SCW and 9000 Amazon gift card from S&P Global
  • 2nd - 3x t-shirt from SCW – 5000 Amazon gift card from S&P Global
  • 3rd - 3x t-shirt from SCW – 3000 Amazon gift card from S&P Global

Vote of Thanks

Closing: Network Business / Announce Next Meeting – By OWASP Team

Meeting Concludes: Network Social

Dec - 2018

Organized by : ThoughtWorks Technologies Private Limited

Date : 15/Dec/2018

Timings : 10.00 AM to 1.00 PM IST

Venue : ThoughtWorks Technologies Private Limited, Hyderabad, Telangana, India

Registration Link: https://www.eventbrite.com/e/owasp-hyderabad-december-2018-chapter-meet-tickets-53371662078#

Agenda:

1) All about Java Deserialization Vulnerability

Java deserialization of untrusted data has been a security buzzword for the past couple of years, with almost every application using the native Java serialization framework being vulnerable to Java deserialization attacks. Since its inception, there have been many scattered attempts to come up with a solution to best address this flaw. In this talk we will focus on the Java deserialization vulnerability and the mitigation framework provided by Oracle in its latest JDK.

About Speakers: Venkata Suresh Sanga is a Principal Security Engineer at Oracle with more than 13+ years of experience in Application Development and Security. He is currently working on SAST tools to remediate or mitigate application vulnerabilities. He has a Masters in Computer Science (M.Tech) from Andhra University. LinkedIn : https://in.linkedin.com/in/svsuresh-appse

Our Facebook URL: https://www.facebook.com/OWASPHyderabad/

Our Twitter URL: https://twitter.com/owasphyderabad

Our Telegram URL: https://goo.gl/EHqdLM

Sept-2018 - One-Day Conference

Organized by : S&P Global and Ness

Date : 01/Sept/2018

Timings : 10.00 AM to 05.30 PM IST

Venue : @Ness Software Engineering Services India LLP, 4th Floor, Block 5, East Tower, North Wing, Divyasree NSL Infrastructure Pvt, Sy No. 66/1, Raidurgam Village, Serlingampally Mandal, RR Dist, Hyderabad-500032, Telangana, India

Registration Link:

https://www.meraevents.com/event/owasp-hyderabad-september-2018-chapter-meet?ucode=organizer

Agenda:

Registration & Networking

Welcome and Overview by OWASP Core Team

Welcome note by S&P Global Team

Welcome & Overview of Meeting by OWASP Network Representative

Running Frida on jailed devices by using Frida and to bypass root/jailbreak detection – By Satish Kumar Patnayak

About Speaker : Information Security Consultant with 7+ years of experience in the Information Security domain, with expertise in the service industry and banking domains. His areas of interest are Android security and iOS security.

Refreshments / Tea Break

SSRF Exploit Development – By Aayush Deo

About Speaker : Good industry experience in information security and completed my BE from Pune University. Have worked with shopclues.com, an eCommerce company, in the past and have a couple of Hall of Fames on ZETA, Paytm etc.

Networking Lunch

Mobile Vulnerabilities worth Millions - Pentesting and Securing iOS Apps using OWASP iGoat – By Swaroop Deepak Yermalkar

About Speaker : Works as a Sr Security Engineer with a diverse skill set focused on Mobile App Pentest, Web, API and AWS Pentesting. In addition, he has authored the popular book “Learning iOS Pentesting” (https://goo.gl/T8jvjJ) and leads an open source project, OWASP iGoat (https://github.com/OWASP/iGoat-Swift), which is developed for mobile security. He is one of the top bug bounty researchers worldwide, working with Cobalt.io (https://app.cobalt.io/swaroopsy), Synack.inc.

He has given talks and workshops at many security conferences including AppSec USA 2017, BruCON, SEC-T, EuropeanSec, Hacks in Taiwan (HITCON), GroundZero, c0c0n, 0x90, GNUnify.

OS Command Injection - Observation, Attack & Analysis (A1 - OWASP Top 10 2017) - By Bhaskar Puppala and Saikrishna Gobburi

About Speaker: Bhaskar Puppala is an Information Security Professional, working as a consultant for a Fortune 500 company, and has 8.5 years of experience. He is more interested in the application security area and loves to share his knowledge when possible. He also has some experience in bug bounty programs and is listed on a couple of Security Hall of Fames.

For more details please visit : https://in.linkedin.com/in/bhaskar-puppala-3bb11316

About Speaker: Saikrishna Gobburi has around 8.5 years of work experience in QA automation, performance and security testing. Currently he is working as a Principal Engineer with Pramati Technologies. He is also associated with OWASP-Hyderabad as a core member.

For more details please visit: https://www.linkedin.com/in/saikrishna-gobburi-b0088118/

Refreshments / Tea Break

Panel Discussion – Corporate attack methodology vs Attacks in the wild (Resource pool: Demand vs Supply)

Panel to be announced

Closing - Network Business / Announce Next Meeting – By OWASP Team

Network Social


July - 2018

Time & Venue:

@28/July/2018

CCD, Banjara Hills, Hyderabad, Telangana.

Agenda:

1. Planning for Sep 2018 OWASP meet - Done

2. Telegraph Group Mentoring - Done

3. Speakers Finalizing - Done

Attendees : Hyderabad OWASP Core Team

June - 2018

Venue: coMakeIT Software Pvt Ltd

Address: 7th Floor, Block-I, My Home Hub, Hitech City, Madhapur, Hyderabad, INDIA

Event Start Time: Saturday, 23rd June, 2018 at 10:00 AM (IST)

Event Registration URL: https://tinyurl.com/yc9cb6hg

Agenda:

1) Adapting to DevSecOps in Agile World

In this talk, the speaker will talk about the basics of DevSecOps and its benefits when integrated into the Agile SDLC space.

2) Understanding the internals of ‘Server-Side Request Forgery’ (SSRF)

Here the speaker will cover the basics of how an application communicates with end devices, and use that to explain the SSRF issue and its criticality if exploited.

About Speakers:

1) Saikrishna Gobburi has around 8.5 years of work experience in QA automation, performance and security testing. Currently he is working as a Principal Engineer with Pramati Technologies. He is also associated with OWASP-Hyderabad as a core member. For more details please visit: https://www.linkedin.com/in/saikrishna-gobburi-b0088118/

2) Bhaskar Puppala is an Information Security Professional, working as a consultant for a Fortune 500 company, and has 8.5 years of experience. He is more interested in the application security area and loves to share his knowledge when possible. He also has some experience in bug bounty programs and is listed on a couple of Security Hall of Fames. For more details please visit : https://in.linkedin.com/in/bhaskar-puppala-3bb11316

Mar - 2018

Venue: Daspalla Hotel

Address: Rd Number 37, CBI Colony, Jubilee Hills, Hyderabad, Telangana 500033, Phone: 040 6654 5678

Event Start Time: Saturday, 10th Mar, 2018 at 10:00 AM (IST)

Agenda:

1) Does your Pentesting cover all the bases of IT Security?

This talk focuses on how to align the security validation of a web application with the three basic elements of security, namely Confidentiality, Integrity, and Availability (CIA). Test effectiveness can be achieved by analyzing the requirements of each element and identifying the potential breaches that can compromise each element. Efficiency should be built by relating these breaches to the known OWASP Top 10 and other vulnerabilities, and leveraging that knowledge to identify the testing approach, static and dynamic, throughout the SDLC.

About Speakers:

Bhushan Gupta has over 30 years of experience in software engineering, 23 of which have been in the software industry. Although recognized for his contributions in the areas of software engineering such as agile processes and quality methods and metrics, Bhushan has taken a vigorous interest in web application security and is keen on applying pragmatic software development practices that yield a secure product. He is one of the leaders of the OWASP Portland Chapter. Bhushan has been a speaker, a panelist, and a reviewer for software quality and security organizations. As a change agent, Bhushan volunteers his time and energy for organizations that promote software security and quality. He has a MS degree in Computer Science from New Mexico Institute of Mining and Technology, Socorro, New Mexico, 1985.

Registration URL: https://goo.gl/tEXnec

Feb-2018

Venue: coMakeIT

7th Floor, Block-I, My Home Hub, Hitech City, Madhapur, Hyderabad, INDIA

Time: Saturday, 03rd Feb, 2018 at 10:30 AM (IST)

Agenda:

1) Mobile Application Pentest & Mobile Application Ransomware

2) Using Static Analyser tools while coding

About Speakers:

1) Spv Reddy is an Application Security Analyst at IMImobile Pvt Ltd and a National Technical Committee Member at National Cyber Safety and Security Standards.

He is also a Steering Committee Lead Member in the National Information Security Summit.

2) Dathu Rachapudi has 9 years of experience, with 6+ years in Application Security alone. He is currently working with ValueLabs as a “Technical Lead-Security”.

He likes to teach and is a happy bug hunter during his leisure time.

Dec-2017

Time & Venue:

@15/Dec/2017

KFC location, Shilparamam, Hi-Tech city, Hyderabad

Agenda:

1. Planning for Jan 20th 2018 general OWASP meet - Done

2. Need to clear OWASP mail account - Done

Attendees : Hyderabad OWASP Core Team

Sep-2017

Time & Venue:

@03/Sep/2017

Cafe Coffee day, Road Number 10, Banjara Hills, Hyderabad

The decisions below were made after careful discussion:

1. Uploading of the OWASP presentation template; speakers should make use of this template to prepare their presentations

2. Recording the technical demo is mandatory for presenters

Attendees : Hyderabad OWASP Core Team

July 2017

Time & Venue:

OpenText Technologies, Building No-14, 3rd Floor, Raheja Mindspace, HITEC City, Hyderabad

Saturday, July 15th, 2017 at 10:30 AM (IST)

Agenda:

1. Introduction to DevOps and its Tools - Krishna Reddy Pedala

2. API Security Auditing using RESTED Plug-in - Vikas Kumar Pal

About the speaker:

Krishna Reddy Pedala is currently working as a Sr. Information Security Consultant in the financial sector. His previous endeavour was with Microsoft, and he has 9+ years of experience in the Information Security domain with expertise in the service industry and banking domains.

Vikas Kumar Pal is an information security professional working with Ceredox Technologies Pvt Ltd, Hyderabad with an interest in research and development in the areas of Application Security, Penetration Testing and Web Application Development.

Feb 2017

Time & Venue:

Starbucks, Opp: Cybergateway, HiTech City, Hyderabad

Monday, February 20th, 2017 at 7.30 PM (IST)

Agenda:

Topic: New Core Team Meeting

Road map for year 2017

Changes in core team members responsibilities

Getting OWASP accounts for core members

Administration of all social accounts of OWASP Hyderabad Chapter

April 2016

Time & Venue:

OpenText Technologies, Building No-14, 3rd Floor, Raheja Mindspace, HITEC City, Hyderabad

Saturday, April 2nd, 2016 at 10:30 AM (IST)

Agenda:

Topic: Mobile application security and testing by Satish Kumar Patnayak

About the speaker - Satish Kumar Patnayak : He is currently working as a Senior Information Security Consultant in the financial sector and has 5+ years of experience in the Information Security domain, with expertise in the service industry and banking domains. His areas of interest are Android security and iOS security.

February 2016

Time & Venue:

Saturday, February 27th, 2016 at 10:30 AM (IST)

Location: Pramati Technologies Private Limited, Mid Town 6-3-348 Road No. 1, Banjara Hills, Hyderabad, Telangana, India

Agenda:

Microsoft Threat Modeling Tool 2016 by Krishna Reddy Padala

Creating DFD STRIDE Model Identifying STRIDE Threats by DFD, Mitigation Techniques and Technologies

About the speaker: Krishna Reddy Padala is currently working as a Senior Information Security Consultant in the financial sector and has worked with Microsoft. He has 8+ years of experience in the Information Security domain, with expertise in the service industry and banking domains. QUALYS GUARD Certified Vulnerability Management Specialist. Certified Ethical Hacker from EC Council. Worked extensively on Web Application Security and Secure Code Reviews in Banking & Financial, Healthcare, Retail and Logistics domains.

Previous Meets:

May 11, 2013

Venue:

CA Technologies, 115, IT Park Area, Nanakramguda, Gachibowli - (Phone - 040 6687 8000), Hyderabad

Agenda:

  • Exploiting Java 0-day by Ravindra and Raghuveer, CA Technologies
  • Compliance and Governance by Shalem Raj, Cognizant

February 9, 2013

Date & Time: Saturday, February 9, 2013 from 10:00 AM to 1:00 PM

Venue: CA Technologies, 115, IT Park Area, Nanakramguda, Gachibowli - (Phone - 040 6687 8000), Hyderabad

Agenda:

  • IBM Appscan - An automated approach to web app security by Rohit Tamma
  • Insecure Storage in iPhone applications by Satish Bommisetty

Speakers:

Rohit Tamma

Rohit Tamma has been working in the field of Application Security for 3.5 years. He has experience in Vulnerability Assessments and Penetration Testing of web applications. He is passionate about Mobile security with special interest in Android security. He is currently working with ADP.

Satish Bommisetty

Satish is an Information Security Professional with 6.5 years of experience in penetration testing of web applications and mobile applications. He is currently working with ADP as a security analyst. He is a Facebook whitehat. He also reported vulnerabilities in Bing, LinkedIn and PayPal.

October 27, 2012

Date & Time: Saturday, October 27, 2012 at 11:00 AM (IST).

Venue:

Invesco Private Limited, 15th Floor, North Block, Beside Raidurg Police Station, DivyaSree Orion SEZ, Hyderabad, Andhra Pradesh 500032

Agenda:

A bird’s eye view of securing Web Applications by Imran Mohammed

SSDLC BSIMM by M S Sripathi

Speakers

Imran Mohammed

Mohammed Imran works as a Researcher at TCS, Innovation Labs. He also leads the Null Hyderabad chapter and is a Board member of the OWASP Hyderabad Chapter. Imran is a CEH and his interests include application security assessment, penetration testing and secure code review. When not at work he practices horse riding and marksmanship.

Sreepati M S

Sripati (http://www.sripati.info/) has little study, moderate & varied experience (dev-2 yrs., security-4+ yrs.), and lots of aspirations (as far as security goes, at least). He started his career in web-application development, then took a detour towards quality compliance for some time (~6 months) and later moved to security compliance. Still learning the ropes, he believes there is so much to learn and so little time! Interested in web-app security (as if ISMS implementation is not enough), so that says something about his guts! He thinks OWASP is a very good platform for web-app people, and that since he joined OWASP, he has learnt a lot from people around him.

Sponsor

Invesco Pvt Ltd

August 11, 2012

Date & Time: Saturday, Aug 11, 2012 at 10:30 AM.

Venue:

ADP Pvt Ltd, Kothaguda, Ground floor, Block C, Laxmi Cyber City, Opposite TCS e-park, Hyderabad, Andhra Pradesh 500081

Agenda:

HTML5 Security Part II by Krishna Chaitanya

Speakers

Krishna Chaitanya T

Krishna Chaitanya T is a web geek working at Security & Privacy Research Lab, Infosys Labs. He is very passionate about the web, with special interest in web security and areas such as HTML5, JavaScript, web browsers, social networking platforms etc. He is a regular blogger and speaker at technical events. For his contributions to technical communities, he has been awarded the Microsoft MVP award for 3 consecutive years: ASP.NET MVP (2010) and Internet Explorer MVP (2011, 2012). He is also pursuing an M.S. by Research at IIIT-Hyd with a focus on security aspects of the modern web. When not at work he practices Yoga and plays Chess.

Sponsor

https://www.owasp.org/images/9/91/Adp.jpg

May 19, 2012

Date & Time: Saturday, May 19, 2012 at 10:30 AM.

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

HTML5 Security by Krishna Chaitanya

Speakers

Krishna Chaitanya T

Krishna Chaitanya T is a web geek working at Security & Privacy Research Lab, Infosys Labs. He is very passionate about the web, with special interest in web security and areas such as HTML5, JavaScript, web browsers, social networking platforms etc. He is a regular blogger and speaker at technical events. For his contributions to technical communities, he has been awarded the Microsoft MVP award for 3 consecutive years: ASP.NET MVP (2010) and Internet Explorer MVP (2011, 2012). He is also pursuing an M.S. by Research at IIIT-Hyd with a focus on security aspects of the modern web. When not at work he practices Yoga and plays Chess.

February 25, 2012

Date & Time: Saturday, February 25, 2012 at 11:00 AM.

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

How to find zero days in web applications by Imran & Raghunath

Speakers

Mohammed Imran

Imran works as an Application Security Researcher at Tata Consultancy Services, leads the Null Hyderabad chapter and is a Board member of the OWASP Hyderabad Chapter. Apart from his day job he contributes to the Matriux and Fedora open source projects. Imran is a CEH and his interests include application security assessment, penetration testing and code review.

Raghunath

Raghunath works as a senior security engineer at Entersoft Information Systems Private Limited. His interests include web application penetration testing.

December 17, 2011

Date & Time: Saturday, at 10:30 AM.

Venue:

Hotel Sitara Grand, Road No.12, Banjara Hills, Hyderabad, Andhra Pradesh 500034, India

Agenda:

Cloud Security by Arshad Noor

Speakers

Arshad Noor, Chief Technology Officer, StrongAuth, Inc., Sunnyvale, California

He started his career as a senior systems designer in 1986 at the Port Authority of New York and New Jersey, New York, and worked at Citibank, New York, as Vice President, in addition to New York Life Insurance, BASF Corporation, Sun IT and Sun Microsystems, Inc., to name a few. He has architected and built several Public Key Infrastructure (PKI) assignments for defense, communication, medical, banking, e-commerce, life sciences and other industries.

November 12, 2011

Date & Time: Saturday, at 10:30 AM.

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

HP WebInspect by Rohit Tamma

Pentesting iPhone Applications by B Satish

Speakers

Rohit Tamma

Rohit Tamma (CEH) has been working as an Application Security Analyst at TCS for the past 2 years. His job responsibilities include Vulnerability Assessment and Penetration Testing, which enabled him to acquire extensive knowledge of HP WebInspect, IBM Rational Appscan Source Edition and HP Assessment Management Platform. Recently he also gave a presentation on HP WebInspect at a Null Hyderabad meet.

Satish B

Satish has been working as a web application penetration tester for 5 years and has pentested over 200 web applications during this period. Recently he got involved in reverse engineering of binaries, WLAN security and mobile application hacking. He has also performed a couple of network assessments and source code reviews, and developed a compiler in the early stage of his career. He has a Bachelor’s Degree in Computer Science from JNTU, Hyderabad. Passionate about hacking and sharing knowledge.

20th August 2011

Date & Time: Saturday, at 11 AM

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

Oracle Padding Attack by B. Satish

Open SAM part II by Sripati MS

Speakers

B Satish

I have been working as a web application penetration tester for 5 years. Pentested over 200 web applications during this period. Recently got involved in reverse engineering of binaries, WLAN security and mobile application hacking. Performed a couple of network assessments and source code reviews. Developed a compiler in the early stage of the career. I have a Bachelor’s Degree in Computer Science from JNTU, Hyderabad. Passionate about hacking and sharing knowledge.

Sreepati M S

Sripati (http://www.sripati.info/) has little study, moderate & varied experience (dev-2 yrs., security-4+ yrs.), and lots of aspirations (as far as security goes, at least). He started his career in web-application development, then took a detour towards quality compliance for some time (~6 months) and later moved to security compliance. Still learning the ropes, he believes there is so much to learn and so little time! Interested in web-app security (as if ISMS implementation is not enough), so that says something about his guts! He thinks OWASP is a very good platform for web-app people, and that since he joined OWASP, he has learnt a lot from people around him.

July 2011

Date: 23/07/2011, Saturday, at 12:00 Noon.

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

Presentation on Burp Suite by Omair

Seminar on Open SAM by Sreepati

Speakers

Sreepati M S

Sripati (http://www.sripati.info/) has little study, moderate & varied experience (dev-2 yrs., security-4+ yrs.), and lots of aspirations (as far as security goes, at least). He started his career in web-application development, then took a detour towards quality compliance for some time (~6 months) and later moved to security compliance. Still learning the ropes, he believes there is so much to learn and so little time! Interested in web-app security (as if ISMS implementation is not enough), so that says something about his guts! He thinks OWASP is a very good platform for web-app people, and that since he joined OWASP, he has learnt a lot from people around him.

Omair

Omair works as a penetration tester at NII Consulting and has over 5 years of experience in penetration testing. His interests include network penetration testing, exploit generation and reverse engineering.

Facility Sponsor & Refreshment sponsor

3i Infotech

June 2011

Meet on: 11/06/2011 Saturday

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Facility Sponsor & Refreshment sponsor: Cognizant Technology Solutions

May 2011

Meet on: 07/05/2011 Saturday

Venue:

Cognizant Technology Solutions, 3rd floor, Phase 2, DLF Building, APHB Colony,Gachibowli,Hyderabad

Agenda:

XSS Autopsy and w3af by Imran

Speakers

Mohammed Imran

Imran works as an Application Security Researcher at Tata Consultancy Services, leads the Null Hyderabad chapter and is a Board member of the OWASP Hyderabad Chapter. Apart from his day job he contributes to the Matriux and Fedora open source projects. Imran is a CEH and his interests include application security assessment, penetration testing and code review.

Sponsor: Cognizant Technology Solutions

Audio/Video/Slides Archive

Hyderabad
