OWASP Nigeria

Local News

Meeting Location: Co-creation hub, 6th Floor, 294 Herbert Macaulay Rd, Lagos, Nigeria

Everyone is welcome to join us at our chapter meetings.

Chapter Meetings - 2018

June 2018 Event: OWASP Video Call - 10 Mistakes Security Engineers Make

'''Chapter Meeting - June 30, 2018 '''


' Saturday June 30, 2018
' Talks Start: 4:00PM
End: 5:00PM
(Nigerian time, GMT+1)


10 Mistakes Security Engineers Take
How can security engineers succeed and scale effectively?

To answer that question, we peeled back the different layers of the product security engineering role. We explored how the security engineer approaches projects, interacts with teams, trains developers, communicates with management, assesses business risk and tackles other problems. We theorized that it should be possible to identify simple, straightforward guidelines that product security experts can employ to work effectively and efficiently with product teams and organizations as they strive to build secure systems.

Post analysis, we arrived at a set guidelines which we’re calling the Don’ts (and Dos) of the trade.

June 28 2018 Event: Cyber Security Awareness: Protecting Accounts Against Hackers

'''Chapter Meeting - June 30, 2018 '''


' Thursday June 28, 2018
' Talks Start: 10:00AM
End: 2:00PM
(Nigerian time, GMT+1)


Cyber Security Awareness: Protecting Accounts Against Hackers
In this talk, Shehu Awwal, an experienced Cybersecurity, researcher will discuss Information and Data Security. He will demonstrate How Script Kiddies, Hackers, and Social-Engineers use different ways to get Information. He will provide in-depth analysis of attacker techniques like Spear Phishing, Phishing, Email Spoofing.

Shehu will also explain how Internet users in Nigeria can avoid scams perpetrated through Email, Text etc., Using OWASP references and prevention guides. Finally, the SEToolkit will be used to demonstrate how Network Attacks occur and how they can be prevented.

Chapter Meetings - 2017

December 2017 Event: OWASP Top 10 2017 Video Call - The Most Critical Web Application Security Risks Today

Chapter Meeting - December 15, 2017


' Friday December 15, 2017

' Talks Start: 4:00PM
End: 5:00PM


OWASP Top 10 2017 Video Call - The Most Critical Web Application Security Risks Today
Insecure software places critical infrastructure at risk inseveral sectors such as finance, healthcare, e-commerce, government, and thelist goes on. That places all users of such systems at risks like data theft,account impersonation, fraud etc.

The OWASP top ten is a de facto application securitystandard that outlines the ten most critical web application security risks.

The pace of change in technology has accelerated over thepast four years, and as such the OWASP top 10 has been completely refactored tocater to the latest web development technologies.

Please join us as we explore the top web applicationsecurity risks relevant to today's application developer, software engineer, orsystem administrator.

August 2017 Event: OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS

Chapter Meeting - August 12, 2017


' Saturday August 12, 2017

' Doors: 12:00PM
Talks Start: 12:15PM
End: 2:30PM


Sponsors: cchub.png

OWASP Top 10 Workshop Series - Understanding SQL Injection and XSS
Please join us for the first workshop of our OWASP Top 10 series. In this exciting series, we will explore the top web application security vulnerabilities, and how to prevent them.

The OWASP Top 10 is a list of the most pertinent security issues that affect web applications today.

In this workshop, we will cover:

  1. OWASP Top 10 A1 (Injection): Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.
  2. OWASP Top 10 A3 (Cross-Site Scripting, XSS): XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

Please try to arrive 15 - 30 minutes early.

Chapter Meetings - 2016

OWASP Lagos February Event

Chapter Meeting - February 13, 2016


' Saturday February 13 2016

' Doors: 12:00PM
Talks Start: 12:15PM


Sponsors: cchub.png    _inits.png

The inaugural OWASP Lagos, Nigeria meeting is taking place on Saturday February 16 at CC-HUB from 12:00PM - 5:00PM.

Hope to see you there.

There are three talks lined up including an Intro of OWASP and the chapter leaders:

Intro: Chapter leads - our background, how we got into security, stuff we're exploring or hope to learn and what we hope to achieve in starting OWASP Lagos. About OWASP: A look at OWASP, her objectives, some flagship projects (tools, guidelines, cheat sheets)

Talk 1: Introduction to OWASP ZAP

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. This talk will describe the tool and how to use it for validating web application security.

Talk 2: Exploiting a Vulnerable website to steal user credentials and gain root

This talk will describe how user authentication credentials can hijacked on a vulnerable website, using a practical demo. It will also demonstrate the compromise of a webserver hosting a vulnerble web application.

Talk 3: The OWASP Web Security Shepherd

The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. In this session we'll introduce the security shepherd and use it to learn SQL Injection . PLEASE BRING YOUR LAPTOPS.

Category:OWASP Chapter Category:Africa


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.