OWASP Helsinki
Welcome to the OWASP Helsinki Chapter
The plan is to meet at least three to four times a year, each lasting 1,5-3 hours (more active “hands” means more meetings). This chapter is based in the capital area and therefore the meetings will be in or around Helsinki. During COVID-19 Pandemic the events will be virtual.
If you wish to present at one of the meetings or have any other inquiries, please contact the chapter leaders and shortly describe the talk. (the contact details can be found in the bottom of the page). We encourage everyone to suggest ideas for presentation topics. The talks can be either a full talk (45-60min) or a lightning talk (~15min).
Participation
The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.
Chapters are led by local leaders in accordance with the Chapter Policy. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at an OWASP chapter simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.
Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.
Local News
- Meeting Location
- Everyone is welcome to join us at our chapter meetings.
Past Events
You may find more information about our past events at Meetup: https://www.meetup.com/OWASP-Helsinki-Chapter/events/past/
Chapter Meetings
OWASP Helsinki chapter meeting #42: Nov 30th 2021
Time: 18:00 - 19:20
Agenda
18:00 Opening words and news from OWASP - Pekka Sillanpää, Chapter leader, OWASP Helsinki chapter
18:20 Threat Modeling in 2021 - Adam Shostack, President, Shostack + Associates
OWASP Helsinki chapter meeting #41: May 11th 2021
Time: 18:00-20:30
Agenda
18:00 Opening words and news from OWASP, Pekka Sillanpää, Chapter leader, OWASP Helsinki chapter
18:05 A three part talk/demo about Zed Attack Proxy, Simon Bennett, ZAP Project leader
Part 1. Intro to ZAP for people who dont know it
Part 2. How to handle modern web apps
Part 3. Intro to the Automation Framework
20:00 QA and final words
OWASP Helsinki chapter meeting #40: March 16th 2021
Time: 18:00-20:30
Agenda
18:00 Opening words and news from OWASP, Pekka Sillanpää, Chapter leader, OWASP Helsinki chapter
18:15 Introduction to Juice Shop, Björn Kimminich, Chapter leader, OWASP German chapter
19:15 Trust considered harmful: Breaking dangerous trust relationships in modern web applications, Teo Selenius, Senior Security Specialist, Nixu Oyj
20:00 Questions and answers
OWASP Helsinki chapter meeting #39: Oct 22nd 2019
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words, Chapter leader - OWASP Helsinki
18:05 Words from the sponsor, Juho Ranta, CTO, Second Nature Security (2NS)
18:15 OWASP SAMM2 - your dynamic software security journey, Sebastien Deleersnyder, OWASP SAMM project leader, Managing partner Application Security, Toreon
19:15 Break
19:30 Scaling up threat modeling, Mikko Saario, Security Architect, KONE Corporation
20:15 Trusted Computing - beyond the TPM, Ian Oliver, Senior Security Researcher, Nokia Bell Labs
21:00-> Discussions continue with Snacks, Refreshments and Sauna sponsored by 2NS.
Please register by 21st of Sep here (Note that the seats are limited)
OWASP Helsinki chapter meeting #38: Sep 3rd 2019
Location: Second Nature Security (2NS), Keilaranta 1 (auditorium Ankkuri), 02150 Espoo
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words, Lasse Korvala, Chapter co-leader - OWASP Helsinki
18:05 Words from the sponsor, Juho Ranta, CTO - Second Nature Security (2NS)
18:15 What’s new in the ASVS 4.0, Josh Grossman, OWASP ASVS Project
co-leader, Head of Security Services, AppSec Labs.
![
19:15 Break
19:30 How to determine the security of a mobile authentication app,
Petteri Ihalainen, Senior Specialist, Traficom
![
20:15 If you like it then you shoulda put a TPM on it 🎵, Gabriela
Limonta, Security Researcher, Nokia
![
21:00 Snacks/BBQ, Refreshments, Sauna & Jacuzzi
Please register by 1st of Sep here (Note that the seats are limited).
OWASP Helsinki chapter meeting #37: May 21st 2019
Location: KONE, Keilasatama 5, 02150 Espoo
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words, Pekka Sillanpää, Chapter co-leader - OWASP Helsinki
18:05 Words from the sponsor, KONE
18:10 Blockchains; How secure are they in practice in an IoT disrupted world and making the things secure, Onur Zengin, Senior Software Security Architect, KONE
18:50 Break: Snacks & Refreshments
19:20 Traficom’s security label for IoT consumer devices - goals and challenges (tietoturvamerkki), Juhani Eronen and Saana Seppänen, Traficom
19:50 Deploying a bug bounty / test automation environment for thousands of IoT devices with Kubernetes, Pekka Sillanpää, CTO and Teemu Huhtala, Senior SW engineer, Tosibox
20:30 Networking with peers
21:00 Discussions continue in Sauna/Jacuzzi on the top of Keilaranta 1 (neighbour building) sponsored by 2NS
Please register by 13th of May here (Note that the seats are limited).
OWASP Helsinki chapter meeting #36: Feb 12th 2019
Location: Veikkaus, Aku Korhosen tie 2, 00440 Helsinki
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words, Pekka Sillanpää, Chapter co-leader - OWASP Helsinki
18:05 Words from the sponsor, Veikkaus
18:10 What Every Developer and Tester Should Know About Software Security, Anne Oikarinen, Senior Security Consultant, Nixu 1
18:50 Break
19:00 Security in Agile Development, Joakim Tauren, Application
Security Architect, Visma
19:45 OWASP Cornucopia - a live card game session, Veikkaus +
volunteers
20:15 Snacks & Refreshments
Please register by 10th of Feb https://www.eventbrite.com/e/owasp-helsinki-chapter-meeting-36-tickets-55288270706 (Note that the seats are limited).
OWASP Helsinki chapter meeting #35: Nov 6th 2018
Location: Second Nature Security (2NS), Keilaranta1 (auditorium Ankkuri), 02150 Espoo
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words, Pekka Sillanpää, Chapter co-leader - OWASP Helsinki
18:05 Words from the sponsor, Juho Ranta, CTO - Second Nature Security (2NS)
18:15 Hunting for bounties in a web browser, Juho Nurminen, White Hat
Hacker, InfoSec Specialist - 2NS
![
18:45 Break
19:00 How to become a bug bounty hunter, Iiro Uusitalo, Cloud and Security Specialist - Solita
19:30 Running a successful bug bounty program, Thomas Malmberg,
Partner & Owner - Hackrfi ![
19:50 Short break
20:00 Panel & Discussion about bug bounty with Juho, Iiro and Thomas
20:30 Snacks & Refreshments
Please register by 4th of Nov https://www.eventbrite.com/e/owasp-helsinki-chapter-meeting-35-tickets-51465932991 (Note that the seats are limited).
OWASP Helsinki chapter meeting #34: Jun 12th 2018
Location: Eficode, Pohjoinen Rautatiekatu 25, 00100 Helsinki
Time: 17:30-21:30
Agenda
17:30 Welcome coffee
18:00 Opening words / Pekka Sillanpää, OWASP Helsinki
18:05 Words from the sponsor / Pekka Siltala-Li / Eficode
18:15 Perfectly secure API, Matti Suominen, Lead Security Consultant - Nixu
19:00 Break
19:15 Best friends: API security & API management, Antti Virtanen, Software Architect, Solita
20:00-21:30 Sauna, Snacks & Beverages
Please register by 10th of Jun https://www.eventbrite.com/e/owasp-helsinki-chapter-meeting-34-tickets-46690898735 (Note that the seats are limited).
OWASP Helsinki chapter meeting #33: Nov 14th 2017
Location: F-Secure, Tammasaarenkatu 7, 00180 Helsinki
Time: 17:30-21:00
Agenda
17:30 Welcome coffee
18:00 Opening words / Pekka Sillanpää, OWASP Helsinki
18:05 Words from the sponsor
18:10 Coping with GDPR requirements in development, Kira Ahveninen-Kuha, Lead, Data Protection and Cybersecurity Law, Nixu
19:00 Break
19:15 Integrating Privacy Work in Threat Modeling and Design Review, Antti Vähä-Sipilä, Principal Security Consultant, F-Secure
20:00 Panel & Discussion – Kira and Antti debate about privacy and GDPR with the audience
20:30 OWASP Helsinki DevSecOps Hackathon: Lessons learned, Pekka Sillanpää, OWASP Helsinki
21:00-22:00 Snacks & Refreshments
Please register by 12th of Nov here (Note that the seats are limited).
OWASP Helsinki chapter meeting #32: Sep 27th
If you are working in a DevOps team and want to get concrete ideas on how to integrate security into your CI/CD pipeline, this hackathon is a fun opportunity to learn by doing together with others.
More information here: OWASP Helsinki DevSecOps Hackathon
In summary, we familiarize and investigate (and of cource hack with) some nice open source tools, including:
- OWASP Dependency-Check (OWASP Dependency Check)
- ZAP Proxy (OWASP Zed Attack Proxy Project)
- OWASP DefectDojo (OWASP DefectDojo Project)
- DevSec hardening framework (https://github.com/dev-sec)
- Clair (https://github.com/coreos/clair)
The output of this hackathon is an OWASP wiki page describing what was achieved in the hackathon, possible commits to the tools’ repositories and future plans. If there is enough interest, we might organize “part 2” for this event in Autumn.
To participate in this event, it is recommended to have at least basic programming/scripting skills (python, ruby, bash, etc) and understanding of configuration management tools (puppet, salt, ansible, etc.). If you are interested to join or have questions, please send email to [email protected] by Jul 7th 2017 and a short description of your background. Tracks of the hackathon environment are tuned based on the skills and background of the participants.
The maximum of 15 seats are available for this event. The event is fully free of charge.
Location: Nixu, Keilaranta 15, 02150 Espoo
12:00 Hackathon starts
17:00-23:00 Hackathon continues after the work day as long as needed. Pizza and beverages available.
OWASP Helsinki chapter meeting #31: Jun 13th 2017
Location: Solita, Alvar Aallon katu 5, 00100 Helsinki
Time: 17:30-20:30
Agenda
17:30 Welcome coffee
18:00 Opening words / Pekka Sillanpää, OWASP Helsinki
**18:05 DevSec - Developers are the key to security, Antti Virtanen,
Software Architect, Solita
18:45 Break
19:00 Mobile Platform Security: OS (kernel) Hardening and Trusted
Execution Environment / Onur Zengin / Trustonic
![
20:00 OWASP Mobile Top Ten Risks 2014 - The New M10: ‘Lack of Binary
Protection’ Category / Bo Asklund and Rikard Kullenberg / Arxan
![
21:00 Networking and continue discussions in TBD location nearby
Please register at Eventbrite
OWASP Helsinki chapter meeting #24: March 25st 2014
Location: F-Secure, Tammasaarenkatu 7, 00180 Helsinki. Parking space is limited, public transport is strongly recommended. Ruoholahti station for metro, Länsisatamankatu stop for tram 8, Länsiväylä stop for buses from Espoo.
Time: 17:00-19:30
Agenda
17:00 Coffee and registration
17:20 Welcome /Petteri Arola, OWASP
17:30 Enhancing security through tight collaboration and automation /Kalle Hallivuori Presentation material: http://kato.iki.fi/owasp-pci-devops/
18:00 Continuous Security Testing in a Devops World /Stephen de Vries Download the presentation from our file page: image:OWASP-Continuous_Security_Testing.pdf
19:00 Demo of Burp Suite & HTTP API fuzzing automation with Python & Behave /Antti Vähä-Sipilä
19:30 Time to go to Pub (Amsterdam) and continue discussion there
Please register at Eventbrite
OWASP Helsinki chapter meeting #23: January 21st 2014
Location: HTC Keilaniemi, Keilaranta 13, 02150 Espoo
Time: 17:30-21:00
Agenda
17:30 Coffee and registration
18:00 Welcome /Petteri Arola, OWASP
18:05 Word from our sponsor /Nixu
18:20 The inner HTML Apocalypse - How MXSS attacks change everything we believed to know so far /Mario Heiderich
19:15 JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks /Mario Heiderich”’
20:15 QA
20.30 - 21.30 Discussion continues over snacks and refreshments
Please register at Eventbrite
OWASP Helsinki chapter meeting #22: November 19th 2013
Location: Aalto University, Hall S1, Otakaari 5, 02150 Espoo
Time: 18:00-21:00
Agenda
18:00 Registration
18:10 Welcome /Petteri Arola, OWASP
18:20 Word from our sponsor
18:30 Backgrounds of Eve in Digiland comic and cyber research in Aalto University /Timo Kiravuo, Aalto University
19:15 Break”’
19:30 Cyber crime response from CERT perspective and backgrounds of Finnish web site attacks /Jussi Eronen, CERT-FI
20:00 Methods in Finnish cyber crime police investigation and case example /Timo Piiroinen, National Bureau of Investigation (NBI)
20:30 Networking and discussion continues at same location
Please register at Eventbrite
OWASP EUTour2013: June 17th 2013
Location: HTC Keilaniemi, Keilaranta 15
Time: 16:00-19:00
Agenda
16:00 Registration & coffee
16:15 Welcome /Petteri Arola, OWASP
16:30 Word from our sponsor
16:45 Nokia responsible disclosure program /Omar Benbouazza-Villa, Nokia
Nokia has launched a responsible disclosure program recently. In this presentation we’ll go through experiences starting and running such a program as a part of enterprise application security program.
17:30 Social engineering /Gavin Ewan”’
Jac0byterebel is not your typical social engineering presenter. Out goes the snake oil sale of analysing the minutia of pop psychology and trying to squeeze out real answers to the questions asked during a real social engineering attack. In comes hard hitting accounts of social engineering attacks drawn from real sources but anonymised to protect the pwned.
19:00 Rounding up and discussion continues over food & drinks at same location
Please register at Regonline
OWASP Helsinki Chapter Meeting #21: April 24 2013
Location: KPMG, Yrjönkatu 23 B, 6. floor
Time: 18:00-20:00
Agenda
18:00 Opening words /OWASP
18:10 Word from our sponso /Mika Laaksonen, KPMG
18:15 OWASP project news /Petteri Arola, OWASP
Newsflash of new and rebooted OWASP projects.
18:45 Utilizing VAHTI software development guide (VAHTI-sovelluskehitysohje) /Antti Alestalo, KPMG
VAHTI software development guide was published January 2013. Antti will talk about how to best utilize this new guide. Link to the guide: http://www.vm.fi/vm/fi/04_julkaisut_ja_asiakirjat/01_julkaisut/05_valtionhallinnon_tietoturvallisuus/20130207Sovell/VAHTI_1_Sovelluskehityksen_tietoturvaohje_NETTI.pdf
19:15 Database self-defence /Mika Aronen, KPMG (in place of “HTML5 & security /SC5”
20:00 Official program ends and discussion continues over food & drinks at same location
Please register at Eventbrite
OWASP Helsinki Chapter Meeting #20: December 4 2012
Location: Nokia House, Keilalahdentie 4, Espoo
Time: 17:00-20:00
Agenda
17:00 Socializing time @ Nokia Lounge – Meet people & get to know your peer while having the opportunity to see Nokia product demos
18:00 Opening words /OWASP + HelsinkiJS
18:10 Word from our sponsor
18:20 Securing JavaScript based web apps /Erlend Oftedal
Single page web applications move much of the application logic to the client side. We now also see applications using JavaScript on the server side. How do we handle such applications from a security perspective? What problems are introduced and how do we handle them?
19:05 RESTful Security
Many applications rely on web services and ws-security for integration. But for more lightweight services with simpler protocols, REST is quickly gaining popularity. How do we secure REST services? What problems do we need to be aware of?
20:00 Official program ends and free debate continues at nearby location
CLOSED: Please register at Eventbrite
Please use the NORTH entrance when entering the Nokia campus
OWASP Helsinki Chapter Meeting #19: October 16 2012
Location: Fujitsu, Valimotie 16, Helsinki
Time: 18:00-20:00
Agenda
18:00 Opening words /Petteri Arola, chapter leader
18:10 Word from our sponsor /Fujitsu
18:25 Hybrid mobile application security and HTML5 with a focus on getUserMedia /Mikko Saario, Nokia
Both the mobile scene via “hybrid” apps and the so-called traditional web are evolving into the same direction – are the threats doing the same? Using mainly Windows Phone 7 (and some Qt) examples and demos, Mikko will take a look at the security aspects in mobile hybrid apps. The HTML5 demo will concentrate on some newly mainstreamed technologies such as getUserMedia.
19:10 Introduction to Oauth 2.0 + demo /Teemu Kääriäinen, Nixu
Teemu gives an introduction about Oauth 2.0 and takes a closer look at security aspects, implementation guidelines and compares Twitter, Facebook and Google implementations.
20:00 Official program ends and free debate continues at nearby location
Please register in Eventbrite http://www.eventbrite.com/event/4462882602
OWASP Helsinki Chapter Meeting #18: June 26 2012
Location: Kela, Nordenskjölkinkatu 12, Helsinki
Time: 17:30-20:00
Agenda
17:30 Opening words /Petteri Arola, chapter leader
17:45 Word from our sponsor /Kela
18:00 Helsinki Ruby Brigade intro
18:15 Ruby on Rails security - why could it fail
19:00 Panel discussion
19:45 Wrap-up
20:00 Discussion continues in a nearby pub Hadanka
Please register with petteri.arola(at)owasp.org
OWASP Helsinki Chapter Meeting #17: March 21 2012
Location: Marttakeskus, Malminrinne 1 B, 7. krs, Helsinki
Time: 17:30-19:30
Agenda
17:30 Coffee
17:40 Opening words /Petteri Arola, chapter leader
17:50 Web Application Access Control Design Excellence / Jim Manico, OWASP
Download the presentation from our file page: image:Developer_Top_Ten_Core_Controls_v4.1.pdf
19:30 Meeting ends and discussion continues over buffet and refreshments and there’s a possibility to bath in sauna too
23:00 Event ends
Please register with enroll(at)nixu.com
Tietoturvapäivä Turku: February 7 2012
’ Sovellusturvallisuus / Petteri Arola, OWASP’
Download the presentation from our file page: image:OWASP_esitys_tietoturvapäivä_Turku_20120207.pdf
OWASP Helsinki Chapter Meeting #16: October 18 2011
Location: Hall TU2, Tuas house, Otaniementie 17, 02150, Espoo
Time: 17:00-19:30
Agenda
17:00 Coffee and lock picking
17:30 OWASP - What is it?
17:45 Introduction to OWASP projects - OWASP Top Ten, ASVS - Testing guide - How OWASP relates to academic world
Download presentation from our file-page:
18:45 Break
19:00 Hacking demonstrations
19:30 - Discussion continues in a nearby public house
Please register with petteri.arola(at)owasp.org
OWASP Introduction to Turku AMK students: September 12th 2011
Introduction to Application security and OWASP / Petteri Arola, OWASP
OWASP top 10 and hacking demos / Pekka Sillanpää, OWASP
OWASP Helsinki Chapter Meeting #15: June 15 2011
Location: Itämerenkatu 11 - 13, Helsinki
Time: 17:30-19:30
’'’Agenda ‘’’
17:30 Welcome, Petteri Arola, Chapter Leader
17:35 Word from our sponsor Nokia
17:45 HTML5 Security, Ville Säävuori, Syneus
18:30 Break
18:40 Mobile Application Security, Ari Kesäniemi and Juhani Mäkelä,
Nixu
19.30 - Discussion continues in a nearby public house or terrace if it’s sunny
Please register with mikko.saario(at)nokia.com
OWASP Helsinki Chapter Meeting #14: February 22 2011
Location: Nixu Oy, Keilaranta 15, Espoo
Time: 17:30-19:30
Agenda 17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader
17:35 Word from our sponsor Nixu Oy
17:45 OpenSAMM, Pravir Chandra /Fortify
18:30 Break
18:40 Threat modeling, Pravir Chandra /Fortify
19.30 - Sauna and refreshments from our sponsor
Please register with enroll(at)nixu.com
Download OpenSAMM presentation from opensamm.org 2
OWASP Helsinki Chapter Meeting #13: June 8 2010
Location: KPMG, Forum, Yrjönkatu 23 B 6th floor, Helsinki
Time: 17:00-19:30
Agenda 17:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader
’'’17:05 Word from our sponsor KPMG ‘’’
17:15 Agile secure software development, Antti Vähä-Sipilä / Nokia Oyj http://www.owasp.org/images/c/c6/OWASP_AppSec_Research_2010_Agile_Prod_Sec_Mgmt_by_Vaha-Sipila.pdf
18:00 ASVS (OWASP Application Security Verification Standard), Pekka Sillanpää / Nixu Oy
18:45 ESAPI (OWASP Enterprise Security API) demo, Anssi Porttikivi / KPMG
Download presentation from our file-page:
19.30 - Discussion continues at some nearby establishment
Please register with anssi.porttikivi(at)kpmg.fi
OWASP Goes! Locksport: April 20 2010
Location: Nsense Oy, Ahventie 4, Espoo
Time: 17:30-20:30
Agenda
17:30 Welcome Petteri Arola, OWASP Helsinki Chapter Leader
17:35 Word from our sponsor Nsense Oy
17:45 Introduction to Locksport (presentation in Finnish)
19:00 - Sauna and refreshments from our sponsor
’'’Please register with ilmoittautumiset##nsense.fi ‘’’
OWASP Helsinki Chapter Meeting #12: March 30 2010
Location: Helsingin Energia, Sähkötalo, Runeberginkatu 1, Helsinki
Time: 18:00-20:00
Agenda 18:00 Welcome Petteri Arola, OWASP Helsinki Chapter Leader
Download presentation from our file-page:
’'’18:05 Word from our sponsor Helsingin Energia ‘’’
18:15 3 different views on information security and social media applications
- information security in social media API’s, Antti Nuopponen/Nixu Oy
Download presentation from our file-page:
- Facebook apps, Markus Törnqvist/Fad Consulting
Download presentation from our file-page:
- Payment API’s, Tuomas Toivonen/Scred
Download presentation from our
file-page:
20.00 - Discussion continues at nearby establishment Bruuveri
Please register with antti##owasp.org
OWASP Helsinki Chapter Meeting #11: November 17 2009
Location: Nsense Oy, Ahventie 4, Espoo
Time: 18:00-20:30
Schedule 18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader
18:05 Word from our sponsor Nsense Oy
18:15 Manual vs. Automated Code Analysis, Ari Kesäniemi, Senior Consultant, Nixu
Download presentation from our file-page:
19.00- Sauna and refreshments from our sponsor
Please register with ilmoittautumiset##nsense.fi
OWASP Helsinki Chapter Meeting #10: October 20 2009
Location: Tieto Oy, Ratamestarinkatu 7B, Helsinki
Time: 18:00-19:40
Schedule 18:00 Welcome Antti Laulajainen, OWASP Helsinki Chapter Leader
18:00 Word from our sponsor Tieto Oy
18:10 Distributed Services Security, Anton Panhelainen, Tieto Oy
Download presentation from our file-page:
18:40 Public Web Services Interface and Security, Pyry Heikkinen, Finnish Customs
19:40 Closure and move to Vltava
20:00 or so
- Enjoy Helsinki Vltava watering hole at own risk & cost near Helsinki Railway station
Please register with Pauli Kauppila pauli.kauppila##tieto.com or Mobile +358 400 870 324
OWASP Helsinki Chapter Meeting #9: May 12 2009
Location: Louhi Networks Oy, Itälahdenkatu 22 A, Helsinki
Time: 17:30-19:00
Schedule 17:30 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader
17:45 Word from our sponsor Louhi Networks
18:00 Panel discussion about application scanners
- Panel members includes representatives for Nixu Oy, KPMG Oy and Louhi Networks Oy
19:00 or so
- Enjoy local establishments at own risk & cost at Bar 52 near meeting location
Please register with Henri Lindberg henri.lindberg##louhi.fi
OWASP OWASP Goes! Viestimuseo: March 29 2009
’'’Location: Varuskunta, Takakasarmi, Viestimuseontie rak. 64, 11311 Riihimäki ‘’’
Time: 13:00-15:00
Viestimuseossa Riihimäellä, http://www.viestikiltojenliitto.fi/viestimuseo/ on maaliskuun loppuun WWII radiotiedustelua esittelevä erikoisnäyttely, josta voi löytyä ammennettavaa myös tämän päivän tietoturvatekniikoiden parissa työskenteleville. Koska OWASP:in tiimoilta löytyi kiinnostusta lähteä tutustumaan ko. näyttelyyn, museolle on varattu opastettu kierros maaliskuun viimeiselle sunnuntaille su 29.3.2009 klo 13:00 eli kokoontuminen museolla ko. aikaan.
Museo ja näyttely ovat auki myös muina aikoina, joten jos tämä aika ei käy, paikalla voi toki käydä muulloinkin.
Tarkemmat ajo-ohjeet ja yhteystiedot löytyvät museon kotisivuilta, http://www.viestikiltojenliitto.fi/viestimuseo/yhteystiedot.html
Museo sijaitsee Viestirykmentin vieressä, mutta varsinaisen varuskunta-alueen ulkopuolella, joten museokäynti ei vaadi kulkulupia alueelle.
Paikalle innostuvat hoitavat oman logistiikkaratkaisunsa & sisäänpääsymaksunsa.
Lisätietoja tarvittaessa timo.merilainen (ät) iki.fi
OWASP Helsinki Chapter Meeting #8: March 12 2009
Location: Samlink, Linnoitustie 9, Espoo (Leppävaara)
Time: 17:00-19:00
Schedule 17:00 OWASP latest activities Antti Laulajainen, OWASP Helsinki Chapter Leader
17:15 Introduction to Samlink, Jari Pirhonen, security director, Samlink
17:30 Methodology owner’s point of view: Information security as part of software development methodology, Topi Mattila, methodology manager, Samlink
18:15 Presentation from Finnish Tax Administration”, Petri Puhakainen, security director, Finnish Tax Administration
19:00 or so
- Enjoy local establishments at own risk & cost at Sello
Please register with Jari Pirhonen jari.pirhonen##samlink.fi
OWASP Introduction to startup firms: Thursday January 15th 2009
Location: Ravintola Korjaamo, Töölönkatu 51, 00250 Helsinki
Time: 18:00-20:00
Schedule 18:00 Introduction to OWASP by Henri Lindberg, OWASP Helsinki Active Visitor
- What OWASP is
- Examples of useful Tools and Documents
- OWASP in Finland
Presentation:
(Antti Laulajainen, OWASP Helsinki Chapter Leader was originally supposed to introduce OWASP)
18:15 Implementing application security in a Finnish startup by Henri Lindberg, Scred
- Henri Lindberg from Scred shares experiences and lessons learned
- How to make your web application more secure with minimal budget
Presentation:
18:30 or so
- Enjoy local establishments at own risk & cost
OWASP Helsinki Meeting #7: Tuesday November 11th 2008
Location: Nokia Ruoholahti, Itämerenkatu 11-13, 00180 Helsinki
Time: 17:00-18:30
Schedule 17:00 Welcome by Antti Laulajainen, OWASP Chapter Leader
- Current state and progress of OWASP Top 10 Finnish translation
17:20 Antti Vähä-Sipilä, Nokia: SAFECode
- Introduction and overview of SAFECode (The Software Assurance Forum for Excellence in Code)
- SAFECode publications
17:40 Juhani Eronen, CERT-FI: Lifecycle of a security vulnerability
- Microsoft MS08-067 (Vulnerability in Server Service Could Allow Remote Code Execution), its history (MS06-040) and exploitation.
Discussion
18:30 or so
- Enjoy local establishments at own risk & cost [cerveza, aqua con gas, etc]
PLEASE REGISTER WITH: mikko . saario at nokia . com (we have reserved snacks for 25 people)
OWASP Helsinki Web Hacking Workshop, Tuesday September 10th 2008
Location: Teleware / KPMG, Laajalahdentie 23, 6. floor, reception at the ground floor, 00330 Helsinki
Time: 18.00 - 20.00
Schedule
’'’18.00 Welcome and recent activities. Antti Laulajainen ‘’’
18.05 Web Hacking Workshop, Anssi Porttikivi, Senior ICT Advisor KPMG/Teleware
- KPMG Oy IT Security Advisory marketing presentation 15 min
- Web hacking exercises and demonstrations in a laboratory class (using WebGoat and WebScarab tools)
Snacks available. Send your reservations to Anssi’s mail address, [email protected]. Room for 20 participants.
Note! Be in time, because the reception closes at 18.
OWASP Goes! CERT-FI, Thursday, June 12th 2008
Location: Viestintävirasto, Itämerenkatu 3 A, 00180 Helsinki and One Pint Pub Santakatu 2, 00180 Helsinki
Time: 16.00 - 20.00
Schedule
’'’16.00 Welcome and recent activities. Antti Laulajainen ‘’’
16.10 Introduction of CERT-FI. Juhani Eronen, Information Security Adviser, CERT-FI
16.30 Vulnerability coordination. Juhani Eronen
- CERT-FI as a vulnerability coordinator
- Coordination examples
18.00 Possibility to continue the evening at the One Pint Pub
- If someone fancies a (self-financed) beer
Viestintävirasto asks those who wish to participate to the meeting to register in advance. For registrations please contact CERT-FI Unit Secretary Virpi Hienonen (virpi.hienonen(at)ficora.fi). The deadline is June 6, 2008.
OWASP Helsinki Chapter meeting/Get Together #6 Tuesday, May 13th 2008
Thank you for attending.
You can download the presentation herehttps://www.owasp.org/images/7/70/OWASP_HelsinkiChapter_130508.pdf
Coverage of the event in local news (Finnish only) http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20080514#w2008051411524012715
Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki and Ravintola Kaisla, Vilhonkatu 4, 00100 Helsinki
Time: 16.00 - 20.00
Welcome to spring meeting 2008.
Schedule
16.00 - 16.10 OWASP update. Antti Laulajainen
16.10-17.00 Notes From The field, OWASP tools and usage experiences, Jarkko Holappa & Antti Laulajainen
17.30 - 20.00 Drinks at Ravintola Kaisla (Bring Your Own Wallet)
Hope to see as many of you as possible!
OWASP Helsinki Chapter meeting #5 Tuesday, March 11th 2008
Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.
Time: 18.30 - 20.30
Welcome to first meeting of 2008. OWASP Helsinki resumes activities after winter break.
We are pleased to have as a speaker Technology Manager of Nokia Product Security, Alexandr Seleznyov. His topic will be current state of application security.
Schedule
18.30 - 18.40 OWASP update. Antti Laulajainen
18.40 - 20.30 Current State of Application Security. Alexandr Seleznyov
Hope to see as many of you as possible!
OWASP Helsinki & RWSUG Seminar Tuesday, January 29th 2008
Location: IBM, Laajalahdentie 23, 00330 Helsinki. Time: 11.15 - 19.00
OWASP Helsinki and Rational and Websphere User Group Finland RWSUG are aiming to co-operate to raise application security awareness. OWASP Helsinki will have a presentation in RWSUG agility seminar. More information from http://www.rwsug.fi/default.asp?path=1,39,385
You can download the presentation here https://www.owasp.org/images/c/cd/RWSUG5_Agile_Security_Management.pdf
See program below. Most of it is Finnish only
- 11.15 Ilmoittautuminen alkaa
- 11.15-12.00 Buffet-lounas
- 12.00-12.10 Tilaisuuden avaus Jussi Jutila, Puheenjohtaja, RWSUG ry
KEYNOTE
- 12.10-13.30 Scaling Agile Software Development: Strategies for Applying Agile in Complex Situations Scott W. Ambler, Practice Leader Agile Development, IBM Canada
- 13.30-13.45 Kahvitauko
- 13.45-15.30 SOA liiketoiminnan näkökulmasta ja SOA toteutuksen näkökulmasta kansainvälisessa hankkeessa Kari Laine, IT Architect, IF ja Jarmo Laine, Senior Software Architect,Primasoft
- 15.30-15.45 Tauko
- 15.45-16.30 Ketterä tietoturvan hallinta ohjelmistotuotannossa Reijo Savola, VTT
- 16.30-17.15 Jazz Update IBM
- 17.15-19.00 Iltapalaa ja verkostoitumista IBM Forumissa
OWASP Helsinki Introduction to ISACA Finland Thursday January 24th 2008
OWASP Helsinki participated in ISACA Finland meeting to raise application security awareness among system auditors and inspectors. A presentation was held that introduced basic web techniques, some security issues, OWASP in general, OWASP projects and OWASP Helsinki chapter. You can download the presentation here: https://www.owasp.org/images/e/e4/OWASP_ISACA_20080124.pdf (Finnish Only)
OWASP Helsinki meeting #4 Fall 2007 with Mark Curphey, Tuesday, October 2 2007
Location: Ixonos, Hitsaajankatu 20, 00810 Helsinki.
Thank you for all participants and Mark from great presentation.
Coverage of the meeting in the local news (in Finnish): http://mikropc.net/uutiset/index.jsp?categoryId=atk&day=20071003#w2007100315112711629
We are delighted to have Mark Curphey - the OWASP founder and new head of Microsoft’s ACE (Application Consulting & Engineering) team in Europe
- to visit Finland and discuss web app security with us. Hopefully as many as of you possible can participate!
18:30 Welcome and recent Helsinki chapter activities. Antti Laulajainen
18:40 Naked Software Security. Mark Curphey
- Commentary on how to build secure software
- Thoughts on the industry
WELCOME!
OWASP Helsinki meeting #3 Summer 2007: “SOA, Web Services & XML Security”, Tuesday, June 5th 2007
Date: June 5th
Location: Smilehouse, Itälahdenkatu 22A (Stonesoft building), Lauttasaari.
Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/tietoturva_docview.jsp?f_id=1186167
19:00 Welcome & quick recap of recent OWASP activity and the Spring conference. Mikko Saario.
19:15 Gunnar Peterson, CTO Arctec Group and project lead for the OWASP “XML Security Gateway Evaluation Criteria”.
Gunnar will be visiting Finland to provide training via Tietoturva ry on this subject. Topics to be covered:
- XML Security Gateways
- Message level threats and security countermeasures in Web services
- OWASP XML Security Gateway Evaluation Criteria Project
20:15 “Real-life usage of OWASP tools”. Alexandr Seleznyov, Nokia Product Security.
(There is a chance Alex cannot make it. In that case we will discuss SOA stuff in more detail or just head off to bar earlier.)
20:45 Enter Bar 52… –> Enjoy (sponsored) beverages.
OWASP Helsinki meeting #2 Winter 2007, Web Application Firewalls, Thursday, February 22 2007
Thank you for the 29 participants, the speakers and the host - Nixu - for making this event happen!
Location: Nixu, Mäkelänkatu 91, 00601 Helsinki.
What are Web Application Firewalls (WAF), how do they work, what do they do and what don’t they do. Discussion and sharing of experiences of various technologies and products.
18.30 Welcome. Mikko Saario, Chapter Leader.
Today’s topic and agenda in short.
18.35 “Web Application Firewalls Technical Analysis”. Joakim Sandström, CTO nSense.
http://www.owasp.org/images/6/6a/Owasp_waf_joakim.pdf
- Technology
- Blacklisting & Whitelisting
- mod_security features
- Do’s and Don’ts
19.30 “The Core Rule Sets”. Ofer Shezaf, CTO Breach Security.
http://www.owasp.org/images/f/f4/The_Core_Rule_Set_-_Ofer.pdf
- WAF deployment and protection strategies
- Detection of generic web layer attacks
- Virtual patching
OWASP Helsinki meeting #1, Tuesday, Dec 12 2006 at Ernst & Young
The Helsinki chapter had the first meeting at Ernst & Young office in Elielinaukio 5 B. The agenda and the presentations for the meeting are below. We had a good turnout: 22 people were present i.e. all seats were taken - we were very happy to see all these people to be interested in application security issues.
Coverage of the meeting in the local news (in Finnish): http://www.tietoviikko.fi/doc.do?f_id=1083463
18:30 Welcome. What is OWASP and why OWASP Helsinki?
Mikko Saario made a short presentation about OWASP and the objective for the local Helsinki chapter.
19:00 Analyzing Threats (Olli Wiren; olli [at] juurihoito.org)
Olli Wiren discussed application related threats and corresponding security issues.
http://www.owasp.org/images/7/7c/Owasp-olli.pdf
19:45 Open discussion regarding OWASP Helsinki; what is expected or wished; how to go ahead and so forth.
There was a lively discussion regarding what type of activities should be arranged in the future. More details will follow…