It was the first meeting of the OWASP Bangalore Chapter that I was attending. The meeting was scheduled at 9am at the India Coffee House on Church Street in Bangalore. Although, the location was not the most suitable, especially keeping in mind that that presentations on App Sec and other Info Sec related issues would be part of the meeting. Nevertheless, it was nice seeing some energy from this chapter.
Rajiv Vishwa's was the only presentation on using Firefox as the ultimate App Sec assessment tool. Rajiv demonstrated the use of several Mozilla Addons like Tamper Data, XSS-Me, SQL Inject-me demoed over Webgoat to a small group of dedicated OWASPers in Bangalore. It was an interesting presentation, which highlighted the fact, that there are several tools for performing AppSec assessments and a pen-tester would never really have to leave the comfort of the browser to perform security testing for applications. Mozilla provides several other addons like Firebug, FoxyProxy, etc, which allow the easy assessment of web applications. Although Rajiv had to leave early, I took over and we discussed talked more AppSec. I stressed on the use of exploit frameworks like Metasploit for Pentests and also discussed how Application development needs to be given the impetus, it so badly deserves from the security standpoint. We signed off on a positive note.
The Bangalore Chapter has some great energy going but needs a lot more to live up to the reputation of being the OWASP Chapter in the Silicon Valley of India. It would be great to see more Bangaloreans interested in AppSec and InfoSec attend the Chapter meets and play an active role in the development of this community. I will try and get in touch with the ISACA Chapter in Bangalore for some joint meetings and meeting space. Hopefully, things should go well on that front. I would request anyone part of the OWASP Bangalore Mailing list to actively participate and probably initiate some action on the location issue for the chapter. There is a nice quote which I would like to share with all of you, "I ask not for lighter burden, but for stronger shoulders".
Thanks
No comments:
Post a Comment