Revontulenkuja 1, 02100 Espoo
The agenda of the next meetup has been published in the OWASP wiki (https://www.owasp.org/index.php/Helsinki#Chapter_Meetings) and registration is now open in Eventbrite (https://www.eventbrite.com/e/owasp-helsinki-chapter-meeting-28-tickets-19188815263).
Location: LähiTapiola, Revontulenkuja 1, 02100 Espoo
17:30 Welcome coffee
18:00 Opening words / Petteri Arola, OWASP Helsinki
18:05 How we feel about Bug Bounty, Leo Niemelä, CISO, LähiTapiola Group (in Finnish)
19:15 Security and "Modern" software Deployment, Rory McCune, Managing Consultant, NCC Group
20:30 Discussion continues in a local cafe / bar
Abstract of Rory's presentation:
Software deployment has moved a long way from the “walk to a shop and buy a physical disk” model that was prevalent in the 90’s. These days entire systems are deployed in the blink of an eye directly from a bewildering array of sources.
At the same time the threats posed by those who might target software developers and deployment ecosystems is increasing as the attacker community grows in size and looks for innovative ways to bypass security measures.
This talk is intended to look at the risk model inherent in the development and deployment models used in modern application development frameworks such as Node.JS and Ruby On Rails, and modern software deployment mechanisms such as Docker and examine specific potential security risks, along with discussion of how they could addressed
The event is free of charge and open to anyone. Please invite your friends too!