OWASP Dorset

Welcome to the Dorset Chapter. Our chapter leaders are Daniel Warden, Mark Davison and Alexios Mylonas.

We are a welcoming and inclusive chapter no matter your background, our community is made up of cyber security professionals, students, enthusiasts and newcomers, all are welcome. We aim to educate, inform and entertain with every event.

Participation

Due to the current situation our events are entirely virtual until further notice.

Welcome to the Dorset chapter, whether this is your first time thinking about security, or you have been involved in security for decades; everyone is welcome. All events are free to attend thanks to the generous support of our sponsors. OWASP Dorset is a volunteer led and run chapter with everyone involved donating, their time and expertise including our attendees.

OWASP Dorset is a welcoming community, to facilitate inclusion we have a code of conduct to ensure everyone feels comfortable and benefits from participation. If you face any issues at an event or with one of our participants please contact one of the chapter leaders and we will endeavour to address your issue as swiftly as possible.

Event Sponsors

These organisations have generously supported one of our events

3-Sided-Cube WardenGroup Bournemouth University
Hays Digital Barclays Security Innovation

Speaking at OWASP Dorset Chapter Events

Call For Speakers is open - if you would like to present a talk on any aspect of cyber security at an OWASP Dorset Chapter event please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leaders via e-mail. We also welcome people new to public speaking and can offer advice and coaching. We are a friendly and supportive community, come give your first talk with us!

Code of Conduct

We hope you enjoy our events, we care deeply about inclusivity and diversity so that OWASP Dorset is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback or would like to speak to us, we take these matters very seriously. You can find out more about our policies here.

Upcoming Events


Past Events


2021-02 Cyber Security Policing (Meetup #11)

Location: Online
Time: 19:00 - 20:00
Mantas Sasnauskas (Senior Information Security Researcher @ CyberNews)

— Mantas will be explaining how a recent Facebook phishing campaign was uncovered. (PDF)(VIDEO)

Chris Conroy (Cyber Protect Officer @ Dorset Police)

— Chris will be talking us through Cyber Pursue, Protect and Prevent (investigative, safeguarding and intervention strategies) as well as the type, scale and cost of crimes reported locally (Dorset) and nationally. (PDF)(VIDEO)


2020-11 OWASP Dorset CTF (Meetup #10)

Location: Online
Time: 18:00 - 21:00

— OWASP Dorset will be hosting an Online Capture the Flag event with Security Innovation.


2020-10 SemGrep (Meetup #9)

Location: Online Only
Time: 18:30 - 20:00

Talks

Bence Nagy (Software Engineer)

— Detect complex code patterns using semantic grep (PDF) (VIDEO)


2020-07 Security of Containers (Meetup #8)

Location: Online Only
Time: 18:30 - 20:00

Talks

Shruti Kulkarni (Enterprise Security Architect)

— Security of Containers (PDF) (VIDEO)


2020-04 Open Source Intelligence (Meetup #7)

Location: Online Only
Time: 18:30 - 20:00

Talks

Mark Davison (OWASP Dorset Chapter Leader) (VIDEO)

— Larabee the Reveal: Mark will reveal how to pop Larabee the only box which wasn’t beaten at the CTF

Miltiadis Kandias (Red Team Analyst)

— Red Teaming - OSINT - Phishing (PDF)


2020-01 Meetup Collider (Meetup #6)

Location: 1 Chaseside, Bournemouth BH7 7DA
Time: 18:00 - 21:00

Talks

Daniel Warden (OWASP Dorset Chapter Leader)

— Will walk us through OWASP Zed Attack Proxy (ZAP) (PDF)

Mike Warner (Software Engineer @ JPMC)

— Wireless De-auth attacks and handshake captures (PDF)

Anthony Grimes (Software Engineer @ JPMC)

— WebAuthn: A new standard in securing ourselves online (PDF)

Sophia McCall (Cyber Hunter)

— Hunted? Hunter! (An insight into my time on Hunted (Channel 4) as a cyber hunter, detailing the techniques we used to find the fugitives on the show)


2019-10 OWASP Dorset CTF (Meetup #5)

Location: 1 Chaseside, Bournemouth BH7 7DA
Time: 18:00 - 21:00

OWASP Dorset will be hosting a Capture the Flag event. It is scenario based and we would like to see people pairing up to tackle the challenges and share knowledge, we welcome all skill levels and have experienced volunteers on hand to provide advice guidance and clues! The event will open with a crash course on CTF strategy. We are very fortunate to be granted access to Bournemouth University’s cyber lab and equipment so all tools will be provided. Hope to see you there!


2019-09 Meetup Collider (Meetup #4)

TALKS:

Daniel Warden (OWASP Dorset Chapter Leader)

— An Introduction to OWASP - An introduction to OWASP what it does and how to make use of some of it’s resources from Daniel Warden & Mark Davison

Mark Davison (OWASP Dorset Chapter Leader)

— Making use of OWASP resources: Cheat sheets

James Riley (Specialist Penetration Tester Recruiter for ARM)

— Routes to becoming a Penetration Tester - A talk about the ways people come to penetration testing and how what you expect may not always be true. (PDF)

Mike Warner (Software Engineer @ JPMC) AppSec 101

–– A break down of the theory behind web application vulnerabilities and provides a handful of payload examples to exploit the most common weaknesses: SQL Injection, Cross site scripting (XSS), Path Traversal, and Command “OS” injection from Mike Warner


2019-06 Try Harder (Meetup #3)

Location: Barclays Eagle Lab - County Gates House, 300 Poole Road, Bournemouth, BH12 1AZ
Time: 1830-2100

TALKS:

Mark Davison (OSCP Certified Cyber Security Consultant @ Ronin IT Consulting Ltd)

— A whistle stop guide to preparing yourself for the OSCP (Offensive Security Certified Professional) certification from a recent graduate. (PDF)

Mantas Sasnauskas (Research Assistant and Student @ Bournemouth University)

— Mining data dumps and leaks for treasure - passwords, complexity and statistical data gathered from research conducted at Bournemouth University.

FEEDBACK

— A session to discuss what you would like OWASP Dorset to be doing, the type of content and style of events. Led by the OWASP Dorset Chapter Leads, we are keen to hear your thoughts.


2019-04 Cyber Kill Chains (Meetup #2)

Location: Executive Business Centre, Bournemouth University, 89 Holdenhurst Road, Bournemouth, BH8 8EB
Time: Doors Open at 6:30pm for registration, pizza, drinks and networking. The talks start at 7:15pm (we start on time), close meeting by 9.00pm

TALKS:

David P (Cyber Threat Intelligence Analyst Trained in the Royal Corps of Signals, David went onto Microsoft and then ICL (Fujitsu) as a network administrator, he later moved into Threat Intelligence.)

— Cyber Kill Chains: Understanding how intelligence works can give you the edge when your website, data or email service is being hacked. With a real life case study, we’ll be exploring three analysis tools - Cyber Kill Chains, Diamond Models and the Intelligence cycle. David will show how you can use these tools to understand what your adversary is actually doing, how close to ‘the Crown Jewels’ they’ve got, how to find their identity, their attributes and most importantly of all, what you can do to stop them. (PDF)


2019-01 Hello World (Meetup #1)

Location: 3 Sided Cube, Telephone House, 18 Christchurch Road, Bournemouth, Dorset, England, BH1 3NE
Time: Doors Open at 6:30pm for registration, pizza, drinks and networking. The talks start at 7:00pm (we start on time), close meeting by 9.00pm

TALKS:

Daniel Warden (OWASP Dorset Chapter Leader)

— OWASP Dorset Introduction, Welcome and News — OWASP Projects - Open Source Security at its finest(PDF) Overview of OWASP Projects Top 3 Flagship, Lab and Incubator | Focusing on how to fire up your stance on security with minimal investment.

Dr. Alexios Mylonas (Program Leader for the BSc (Hons) Forensic Computing and Security @ Bournemouth University. Lecturer in Computing.)

— I Know What You Did Last Summer: New persistent tracking mechanisms used in the wild Web Storage, Indexed Database API and Web SQL Database allow web browsers to store information in the client in a much more advanced way compared to other techniques, such as HTTP Cookies. They were originally introduced with the goal of enhancing the capabilities of websites, however, they are often exploited as a way of tracking users across multiple sessions and websites. The presentation will be divided into two parts. First, it will quantify the usage of these three primitives in the context of user tracking. This is done by performing a large-scale analysis on the usage of these techniques in the wild. The second part reviews the effectiveness of the removal of client-side storage data in modern browsers.(PDF])


Your support helps OWASP Dorset to put on events and atract speakers from around the world as well as helping us to engage the community and improve everyone’s Cyber Security Awareness.

Individuals

Becoming a supporter of OWASP Dorset is a great way to meet people, discover careers and support your community.

You can support OWASP Dorset in a variety of ways:

Attend our meetups and other events - the more people who attend our chapter events the more sponsorship we can atract and the better funded our chapter will be to keep bringing you great events.

Become a speaker - giving a talk at our meetups is a great way to get involved and share your knowledge, everyone has something new to teach us and we love to have a diversity of content. We also offer support and guidance on giving a talk if you fancy taking the plunge for the first time and aren’t sure what you’d like to talk about. We know you are working on some incredible things, we’d love to be able to share your knowledge and build a stronger, safer community.

Donate membership- You can support OWASP Dorset to put on events by becoming an OWASP member and donating your membership fee to us (we will receive up to 90%).

Donate - You can also donate directly to the Chapter

Businesses

Becoming a supporter of OWASP Dorset is a great way to gain brand recognition, demonstrate to customers and staff that you are serious about security, attract talent and boost your local community.

There are many ways you can help:

Donate space - Donate some of your work space, breakout areas or other space to an OWASP Dorset event. We will add your logo to the Event Sponsor section of our main webpage and thank you at the event, you are also welcome to operate a small booth at the event (subject to conditions)

Event Sponsor - Our event sponsors provide a specific one off donation to an individual event which will be used to supply that event with refreshments with any remaining funds going towards covering travel costs of speakers where appropriate and similar expenses. We will add your logo to the Event Sponsor section of our main webpage and thank you at the event, you are also welcome to operate a small booth at the event (subject to conditions)

Chapter Sponsorship - You can sponsor the Dorset Chapter and it’s activities in general by becoming a Chapter Sponsor either with a one off donation or regularly for a year or more. Your donation will help us to fund events, specifically; “Event Services, Catering, and Space for Chapter Meetings”. And in exceptional, Guest Speaker, cases travel expenses dependent on approval from the OWASP Executive Director. As a chapter sponsor we will place your logo on our main chapter page under the Chapter Sponsor heading and thank your company at our events. You will also be able to send representatives to attend the events operate a booth at events (subject to conditions).

Speaker – Encourage your staff to give a talk at one of our meetups, it’s amazing what businesses in Dorset are doing and how they are helping to protect against cyber threats, there is a huge amount of work being done in Dorset and sharing your knowledge helps to make us all stronger.

*Please be assured that the leaders of OWASP Dorset are volunteers who are not paid for their time or personal expenses. Speakers are also volunteers who are only reimbursed for expenses directly related to the event they are participating in, if they request it, but in most cases our speakers generously cover their own costs. You can read OWASP’s expense policy here and review OWASP’s finances here. As a chapter we can receive up to 90% of your donation with 10% going directly to OWASP Global.


Presenter Resources

OWASP Presenter Agreement

All presenters should review and agree to the OWASP Speaker Agreement

OWASP Powerpoint Templates