Sydney

From OWASP

OWASP Sydney Local Chapter

Welcome to the local Sydney chapter homepage. The chapter leader is Chris Gatford

funds to OWASP earmarked for Sydney.

Participation

Local OWASP Chapter meetings are FREE and OPEN to anyone interested in learning more about application security. We encourage individuals to provide knowledge transfer via hands-on training and presentations of specific OWASP projects and research topics and sharing SDLC knowledge. We the encourage vendor-agnostic presentations to utilize the OWASP Powerpoint template when applicable and individual volunteerism to enable perpetual growth. As a 501(3)c non-profit association donations of meeting space or refreshments sponsorship is encouraged, simply contact the local chapter leaders listed on this page to discuss. Prior to participating with OWASP please review the Chapter Rules.

Hi and welcome to the OWASP Sydney Chapter Page!

Currently we are looking for a venue and speakers to present at our informal sessions to the small group of 20 - 40 people.

Meeting

NEXT MEETING; Friday July 4th 2008, 6:00 pm - 8:00 pm

Please join us for a FREE networking and learning session:

Location

When: Friday, July 4th 2008, 6:00 pm - 8:00 pm Location: KPMG Auditorium (Located on the Ground floor at the rear) 10 Shelley Street (main entrance located on Sussex Street) Sydney NSW 2000

Agenda

6:00 - 6:20 Peer-to-Peer Networking with Tea & Coffee

6:20 - 6:30 Sydney Chapter News

6:30 - 7:30 Presentation

OWASP Sydney is very kindly being supported by KPMG in providing the venue and refreshments.

RSVP: [Chris@penetrationtester.com]

Presentation

'How the US Air Force is tackling Application Security

This presentation describes an application security strategy for large enterprise systems—what to look out for, and what you must do to ensure the successful rollout of the tools and services necessary to counter the dark side of cyberspace.

Over the past decade, the Department of Defense in general, and the US Air Force in particular, has transformed itself to better deal with 21st century warfare. The Air Force in fact has modified its stated mission to include cyberspace as one of the domains in which it will “fly and fight.” This type of shift in strategic thinking is critical for any organization to properly acknowledge and manage real-world threats against one of its most valuable assets: data.

Background: The Air Force recently funded its first Application Software Assurance Center of Excellence (ASACoE). Committed to becoming a thought and practice leader within DoD, the ASACoE proposes to manage software assurance awareness, education, policy, and governance Air Force wide. The expected outcome is a reduced threat-risk profile for each Air Force enterprise application subject to ASACoE oversight.

Speaker BIO: Major Bruce C. Jenkins, USAF (Ret.) is a Security Practice Director at Fortify Software, Inc., where his responsibilities include refining customer security requirements, managing Fortify product deployments and delivering security services.

Prior to joining Fortify, he spent 26 of his 28 years in the service leading people, managing projects, and dealing with technological and organizational change. His military experiences range from managing a small team of aircraft avionics technicians to commanding a communications unit supporting over 3,000 U.S. and international forces in Southwest Asia. Most recently, as Chief of Systems Security, 554th Electronic Systems Wing, he helped establish a nearly $13M budget for creating the Air Force’s first ever Center of Excellence for applications security.Bruce holds a BS in computer science from the University of Maryland and MS in operations research from the Air Force Institute of Technology. He is a Certified Ethical Hacker with countless hours of Internet surf time, where he has learned that paranoia is a perfectly legitimate state of mind.