OWASP Dorset

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter Leader Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Chapter Sponsors

We welcome OWASP Corporate Members who would like to align themselves with the Dorset chapter, therefore contributing funds to our chapter and allowing us to host more events. Sponsor OWASP Dorset Chapter.

Event Sponsors

We also welcome donations from organisations for individual OWASP events, donations can be from providing event space to hosting a meetup or financial donation which is put towards providing refreshments at the event and providing a buffer fund to help the chapter support the community and allow us to bring in speakers from further afield.

3-Sided-Cube WardenGroup Bournemouth University
Hays Digital Barclays

Speaking at OWASP Dorset Chapter Events

Call For Speakers is always open - if you would like to present a talk on any aspect of cyber security at a future OWASP Dorset Chapter event - please review and ensure you agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to any of our Chapter Leaders. We also welcome people new to public speaking and can offer advice and coaching. We are a friendly and supportive community, come give your first talk with us!

Code of Conduct

We hope you enjoy our events, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leader if you have any feedback or would like to speak to us, we take these matters very seriously. You can find out more about our policies here.

Events

See Meetup for all our Past and Future events.


Past Events


2020-04 Lockdown (Meetup #7)

Location: Online Only
Time: 18:30 -20:00

Talks

Mark Davison (OWASP Dorset Chapter Leader) (VIDEO)

— Larabee the Reveal: Mark will reveal how to pop Larabee the only box which wasn’t beaten at the CTF

Milton Kandias (Red Team analyst )

— Red Teaming - OSINT - Phishing (PDF)


2020-01 Meetup Collider (Meetup #6)

Location: 1 Chaseside, Bournemouth BH7 7DA
Time: 18:00 - 21:00

Talks

Daniel Warden (OWASP Dorset Chapter Leader)

— Will walk us through OWASP Zed Attack Proxy (ZAP) (PDF)

Mike Warner (Software Enginerr @ JPMC)

— Wireless De-auth attacks and handshake captures (PDF)

Anthony Grimes (Software Engineer @ JPMC)

— WebAuthn: A new standard in securing ourselves online (PDF)

Sophia McCall (Cyber Hunter)

— Hunted? Hunter! (An insight into my time on Hunted (Channel 4) as a cyber hunter, detailing the techniques we used to find the fugitives on the show)


2019-10 OWASP Dorset CTF (Meetup #5)

Location: 1 Chaseside, Bournemouth BH7 7DA
Time: 18:00 - 21:00

OWASP Dorset will be hosting a Capture the Flag event. It is scenario based and we would like to see people pairing up to tackle the challenges and share knowledge, we welcome all skill levels and have experienced volunteers on hand to provide advice guidance and clues! The event will open with a crash course on CTF strategy. We are very fortunate to be granted access to Bournemouth University’s cyber lab and equipment so all tools will be provided. Hope to see you there!


2019-09 Meetup Collider (Meetup #4)

TALKS:

Daniel Warden (OWASP Dorset Chapter leader)

— An Introduction to OWASP - An introduction to OWASP what it does and how to make use of some of it’s resources from Daniel Warden & Mark Davison

Mark Davison (OWASP Dorset Chapter leader)

— Making use of OWASP resources: Cheat sheets

James Riley (Specialist penetration tester recruiter for ARM)

— Routes to becoming a Penetration Tester - A talk about the ways people come to penetration testing and how what you expect may not always be true. (PDF)

Mike Warner (Software Enginerr @ JPMC) AppSec 101

–– A break down of the theory behind web application vulnerabilities and provides a handful of payload examples to exploit the most common weaknesses: SQL Injection, Cross site scripting (XSS), Path Traversal, and Command “OS” injection from Mike Warner


2019-06 Meetup #3

Location: Barclays Eagle Lab - County Gates House, 300 Poole Road, Bournemouth, BH12 1AZ
Time: 1830-2100

TALKS:

Mark Davison (OSCP Certified Cyber Security Consultant @ Ronin IT Consulting Ltd)

— A whistle stop guide to preparing yourself for the OSCP (Offensive Security Certified Professional) certification from a recent graduate. (PDF)

Mantas Sasnauskas (Research Assistant and Student @ Bournemouth University)

— Mining data dumps and leaks for treasure - passwords, complexity and statistical data gathered from research conducted at Bournemouth University.

FEEDBACK

— A session to discuss what you would like OWASP Dorset to be doing, the type of content and style of events. Led by the OWASP Dorset Chapter Leads, we are keen to hear your thoughts.


2019-04 Meetup #2

Location: Executive Business Centre, Bournemouth University, 89 Holdenhurst Road, Bournemouth, BH8 8EB
Time: Doors Open at 6:30pm for registration, pizza, drinks and networking. The talks start at 7:15pm (we start on time), close meeting by 9.00pm

TALKS:

David P (Cyber Threat Intelligence Analyst Trained in the Royal Corps of Signals, David went onto Microsoft and then ICL (Fujitsu) as a network administrator, he later moved into Threat Intelligence.)

— Cyber Kill Chains: Understanding how intelligence works can give you the edge when your website, data or email service is being hacked. With a real life case study, we’ll be exploring three analysis tools - Cyber Kill Chains, Diamond Models and the Intelligence cycle. David will show how you can use these tools to understand what your adversary is actually doing, how close to ‘the Crown Jewels’ they’ve got, how to find their identity, their attributes and most importantly of all, what you can do to stop them. (PDF)


2019-01 Meetup #1

Location: 3 Sided Cube, Telephone House, 18 Christchurch Road, Bournemouth, Dorset, England, BH1 3NE
Time: Doors Open at 6:30pm for registration, pizza, drinks and networking. The talks start at 7:00pm (we start on time), close meeting by 9.00pm

TALKS:

Daniel Warden (OWASP Dorset Chapter Leader)

— OWASP Dorset Introduction, Welcome and News — OWASP Projects - Open Source Security at its finest(PDF) Overview of OWASP Projects Top 3 Flagship, Lab and Incubator | Focusing on how to fire up your stance on security with minimal investment.

Dr. Alexios Mylonas (Program leader for the BSc (Hons) Forensic Computing and Security @ Bournemouth University. Lecturer in Computing.)

— I Know What You Did Last Summer: New persistent tracking mechanisms used in the wild Web Storage, Indexed Database API and Web SQL Database allow web browsers to store information in the client in a much more advanced way compared to other techniques, such as HTTP Cookies. They were originally introduced with the goal of enhancing the capabilities of websites, however, they are often exploited as a way of tracking users across multiple sessions and websites. The presentation will be divided into two parts. First, it will quantify the usage of these three primitives in the context of user tracking. This is done by performing a large-scale analysis on the usage of these techniques in the wild. The second part reviews the effectiveness of the removal of client-side storage data in modern browsers.(PDF])