OWASP Ljubljana


Welcome to OWASP Ljubljana

Welcome to OWASP Ljubljana chapter homepage. The chapter leaders are Boštjan Špehonja and Mitja Trampuž

Call For Speakers

Call For Speakers is open. If you would like to present a talk on Application Security at future OWASP Ljubljana Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract, and speaker bio to the Chapter Leaders via e-mail.


The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapters Policy. Financial contributions should only be made online using the authorized online donation button.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.

We will be running a Chapter Meetup every 2-3 months with the option to have additional events such as hands-on workshops. It will be a mix of in-person and virtual meetups. All our upcoming events are announced on Meetup.

Upcoming meetings



Meet #3. Do WAFs make sense? - 21.3.2024 16:30 (Online)

  • Speakers: Gregor Ratajc, Matej Fajdiga
  • Description: You might have heard about ‘WAFs’ (web application firewalls) from someone cold emailing you a commercial offer, or you might have heard about mod_security. Not sure what they are about and how they “secure” you? Say no more. In this presentation, we will delve into the realm of Web Application Firewalls, sparked by encounters with commercial vendors and open-source solutions like mod_security. Join us as we unravel the intricacies of WAFs, understanding what and how they ‘firewall’, and some techniques on how to bypass them, all in an effort to demystify their role in today’s security landscape
  • Link: https://www.meetup.com/owasp-ljubljana-chapter/events/299194709/

Meet #4. Silent killers of web applications - TBA (Online)

  • Speakers: Adrien Žitko
  • Description: Injection attacks are a type of security vulnerability that can have devastating consequences. These attacks occur when an attacker manages to inject malicious data into your web application’s database, leading to a range of negative outcomes, including data breaches, data tampering, and even complete system collapse. OWASP identifies injection attacks as one of the most critical security risks facing web applications today.
  • Link: TBA

Past events

Meet #1. Opening session OWASP Ljubljana - Post quantum cryptography - 9.11.2023 16:30 (Online)

  • Speakers: dr. Nastja Cepak
  • Description: Kriptografija je učinkovit način za zaščito zaupnosti in celovitosti informacij ter zaščito informacijskih sistemov pred kibernetskimi grožnjami. Kvantno računalništvo grozi, da bo razbilo večino današnje kriptografske zaščite. Čeprav že prihajajo poročila o prvih poskusih zloma uveljavljenih kriptografskih algoritmov, kvantni računalniki, ki so na voljo ta trenutek, v splošnem še niso dovolj zmogljivi, da bi jih razbili.
  • Link: https://www.meetup.com/owasp-ljubljana-chapter/events/296853307/

Meet #2. Vulnerability Hunting With Static Analysis - 11.1.2024 16:30 (Online)

  • Speakers: David Petek
  • Description: Static application security testing (SAST) tooling is commonly used in CI pipelines to catch security issues early. However, I see it used much less often to manually hunt for vulnerabilities. Let’s say you found a vulnerable pattern in a million line code base and need to verify that there are no other cases, what do you do? In this talk I will try to convince you that if your answer is grep, then you are missing out. We will talk about SAST tooling, custom rules, custom tools and more.
  • Link: https://www.meetup.com/owasp-ljubljana-chapter/events/297258995/

Would you like your organization’s name here? Please get in touch with us!