Upcoming OWASP Chapter Meetup Events (next 30 days)
August 13, 2020
Event: Hacker Days: How I created my own clone (from Blackhat)
Chapter: Bay Area
Time: 11:00 (US/Pacific)
This talk is inspired by an episode of Black Mirror. I will be demonstrating a live demo creating a bot who talks like me and can be used to impersonate me online and do social engineering. I will be showing a live demo of how to create such bots over text, voice or video and walk through various techniques which the attendees can use to create such smart social engineering attacks.
Github link:- https://github.com/titanlambda/identity-cloning
Tamaghna Basu, OSCP, GCIH, RHCE, CEH, ECSA, co-founder/CTO of neoEYED Inc. He has 15+ years of experience in cyber security domain. He is a mentor for Stanford Cyber Security Course and SANS certified mentor for the course – "Sec 504: Hacker Techniques, Exploits and Incident Handling". His main areas of research include AI/ML, Web app security and network pen-testing, exploit development, incident handling and cyber forensic. Being a software developer earlier, he worked in java, .net, ruby etc. and various domains like finance, insurance, gaming etc. He has won multiple hacking challenges and hackathons in the industry around the world from MasterCard, IBM, PwC, InMobi, NULLCON and more etc. He also presented in other security conferences like NULLCON, C0C0N, OWASP, ISACA etc. Tamaghna is one of the core members of NULL security community, he facilitates Chennai/Bangalore NULL Chapter, a frequent speaker of NULL and OWASP meets, conducted multiple hacking workshops in NULL HUMLA, Bangalore. He is an active member of security communities like honeynet, NAISG, DSCI, Clubhack etc. He also contributed to security magazines like Clubhack and ISACA journal. He has achieved various other certifications like Cyber Crime Investigation, Diploma in Cyber Law etc.
August 17, 2020
Event: OWASP Ottawa August 2020 Meetup
Time: 12:00 (Canada/Eastern)
Due to the COVID-19 (Coronavirus) pandemic our events will continue online on our YouTube channel.
Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!
We will post information here and on all our other medias (email, twitter etc.) as we are closer to the date.
12:00 EDT PM: Technical Talks
2. OWASP DevSecOps Maturity Model
From a startup to a multinational corporation the software development industry is currently dominated by agile frameworks and product teams and as part of it DevOps strategies.
It has been observed that during implementation, security aspects can be missed. The OWASP DevSecOps Maturity Model, which is presented in the talk, shows security measures which are applied when using DevOps strategies and how these can be prioritized. With the help of DevOps strategies security can also be enhanced. Under the guidance of the forward-looking DevSecOps Maturity Model, appropriate principles and measures can defend against attacks.
In this session Timo will give an introduction and answer questions like when to use OWASP SAM and when and how to use DSOMM.
OUR SPEAKER: Timo Pagel, DevSecOps Consultant
Timo has been in the IT industry for over fifteen years. After being a system administrator and web developer in his early times, he became involved in OWASP. He now advises his clients on DevOps security, either hands on or as a trainer, with the focus on security test automation for software and infrastructure.
August 20, 2020
Event: AppSec, DevSecOps, and IoT - Oh My!
Chapter: Northern Virginia
Time: 18:30 (US/Eastern)
Abstract: It doesn't take much to realize that the world of IoT has exploded. How many now have a Ring doorbell and are using Alexa to control their homes? Sensors, indicators and trackers are everywhere and many times we are not even aware of it. But in a world where there is an ever-increasing threat landscape and more attacks then ever, where does security fit in? How do we balance convenience, speed and data integrity? And when we realize that behind every device is an application that will process that data and then communicate to another application, how do we ensure that those applications are secure? This is why Application Security and DevSecOps are so important in this space and make all the difference between success and failure.
Bio: Rob is currently a Global Application Security Sales Evangelist for HCL providing thought leadership for the application security space, particularly as it relates to DevOps and DevSecOps initiatives. Prior to this role, Rob was with IBM for 14 years with roles in Application Security Evangelism, Worldwide Sales Enablement, Tiger Teams and Field Services for the Management and Platform Segment offerings in IBM Cloud. Rob has worked with clients all over the world to help address their challenges in ways that bring a positive impact to the business bottom line. Rob has spoken at numerous events and conferences, including Evanta CISO Summits, THINK, InterConnect, DevloperConnect, IBM Top Guns and many customer events. Prior to IBM, Rob spent 13 years with 5 different companies working as a configuration management specialist with an emphasis on Rational tooling. Rob graduated from the University of Southern California with a degree in Aerospace Engineering and is an avid fan of college football. When not at work, Rob enjoys spending time with his family, serving with his church, running and cycling. You can connect with Rob via LinkedIn, Facebook and Instagram but the best way is by joining the “Robservatory” on twitter using the handle @Robservatory.
August 25, 2020
Event: AppSec Days - Summer of Security
Time: 13:00 (America/Montevideo)
OWASP Foundation estará realizando una nueva serie de eventos internacionales virtuales en el que los participantes podrán anotarse y realizar un nuevo training. Tener en cuenta que estos training son pagos, se realizarán todos a la misma vez (solo se podrá realizar uno de ellos en cada evento) y se dictan en Inglés.
August 26, 2020
Event: OWASP: CMD + CTRL Event!
Chapter: Las Vegas
Time: 18:00 (US/Pacific)
CMD+CTRL Cyber Range was a hit from our last year's event (https://www.meetup.com/OWASP-Las-Vegas-Chapter/events/263621436/) so we are doing this again!
OWASP Las Vegas and Security Innovation invite members to compete in the CMD+CTRL Cyber Range - intentionally vulnerable applications and websites that teach how to think like an attacker. Players have fun exploiting their way through hundreds of vulnerabilities while scoring points and moving up the leaderboard. Score at least 1,000 points, and you qualify for the gift raffle!
Want to start early? Prepare with courses, resources, success stories and a different
cyber range on Security Innovation’s Community Site.
Newbies - Join us to see how many vulnerabilities you can identify
Veterans - Come back to Shadow Bank and see what you missed
Register early to reserve your spot and get a sneak peek at our cheat sheets and FAQs! https://web.securityinnovation.com/owasp-las-vegas
Event: DevSecBots: Bot the Gap
Time: 20:00 (Asia/Singapore)
August 27, 2020
Event: Test your skills on the CMD+CTRL Cyber Range
Chapter: Oklahoma City
Time: 16:00 (US/Central)
Join your friends in the OWASP Oklahoma City chapter for a unique and challenging event featuring the CMD+CTRL Cyber Range on Thursday, August 27th starting at 4:00pm CT.
What is a Cyber Range?
CMD+CTRL Cyber Ranges are intentionally vulnerable applications and websites that tempt players to steal money, view their boss’s salary, buy expensive items for free, and conduct other nefarious acts. Hundreds of vulnerabilities, common to most business applications, lay waiting.
For each vulnerability you find, you’ll get points added to your score and climb the live leaderboard. Top scorers get prizes, but all players have fun!
Worried you won’t know what to do?
Don’t worry. We’ll provide cheatsheets and tips to get you quickly ramped up.
Register online at: https://web.securityinnovation.com/owasp-okc
Event: Speaker TBA - Contact us if interested
Chapter: Triangle Nc
Time: 18:30 (US/Eastern)
Event: OWASP Meetup - IAST & OSA
Chapter: Saint Louis
Time: 19:00 (US/Central)
Event: August Virtual Chapter Meeting
Chapter: Salt Lake City
Time: 12:00 (US/Mountain)
This month's meetup will be VIRTUAL, given current state of social distancing. Please join Wasatch AppSec Slack and suggest any additional topics.
Thanks to Hirevue (and Jake Schroeder) for providing the Zoom session.
Open Topics (TBD)
Open Forum, Admin Items
Jake Schroeder is inviting you to a scheduled Zoom meeting.
Topic: Wasatch AppSec Meetup
Time: Aug 27, 2020 12:00 PM Mountain Time (US and Canada)
Join Zoom Meeting
Meeting ID: 971 0262 6886
One tap mobile
+16699006833,,97102626886#,,,,,,0#,,808939# US (San Jose)
+12532158782,,97102626886#,,,,,,0#,,808939# US (Tacoma)
Dial by your location
+1 669 900 6833 US (San Jose)
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 646 876 9923 US (New York)
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
Meeting ID: 971 0262 6886
Find your local number: https://hirevue.zoom.us/u/agbmrQNRl
Join by SIP
Join by H.323
188.8.131.52 (US West)
184.108.40.206 (US East)
220.127.116.11 (India Mumbai)
18.104.22.168 (India Hyderabad)
Meeting ID: 971 0262 6886