Our Committees

Chapter Leadership

• Kendra Ash - Chapter President
• Brian Myers - AppSecPNW Chair
• Benny Zhao - Treasurer
• Terry Tower - Mentorship Committee Chair
• Chelsea Willis - Chapter Meeting Committee Chair
• Samuel Lemly - Study Night Committee Co-Chair
• Allison Naaktgeboren - Study Night Committee Co-Chair
• Derek Hill
• David Quisenberry

Chapter Meetings

Purpose

Our Chapter Meeting committee is responsible for cultivating venues and speakers for our monthly chapter meeting.

Members

• Chelsea Willis - Chair

Opportunities

If you are interested in speaking at a chapter meeting, having your company host one of our meetings, or helping out with this committee please email [email protected].

AppSecPNW Conference

Purpose

Our AppSecPNW Conference committee is responsible for the planning of the AppSecPNW Conference.

Members

• Brian Myers - Chair

Opportunities

If you are interested in speaking at the conference, know a company who wants to sponsor, or helping out with this committee please email [email protected].

Membership and Community Outreach

Purpose

Membership and Community Outreach promotes our events, learns how we can be a better chapter for our membership and local companies, universities/colleges, and like-minded organizations.

Opportunities

If you are interested in reaching out to our members and community please email [email protected].

Mentorship

Purpose

The Mentorship committee helps match mentor and mentee pairs, recruit people to utilize our mentorship program, develop resources for learning, and check in with mentorship pairs.

Members

• Terry Tower - Chair

Opportunities

If you are interested in being a mentor or mentee, developing resources, or serving on this committee email [email protected].

Study Night

Purpose

The Study Night committee coordinates speakers/trainers/activities for our monthly study night.

Members

• Allison Naaktgeboren - Co-Chair
• Samuel Lemly - Co-Chair

Opportunities

If you are interested in practicing a talk, leading a hands on small group training, or serving on this committee email [email protected].

Mentorship

What It Is

We’re in the business of helping people grow. Whether you are a beginner, and expert, or somewhere in between, we want to help you develop as a professional. Our mentorship program runs for 6 months. We work to pair you with someone who has experience or is interest in the same area you are looking to mentor or be mentored. It’s about relationships, hands on keyboards, questions, advice. A lot of the program is what you make out of the relationship we seed you with.

How to Get Involved

If you are interested in joining our next mentorship class (starting Jan 2020), please contact one of our leaders in our chapter via email.

Resources to Help

Here is our resource guide for our mentorship program. It is very much a work in progress (and we would love your help if you want to throw some people hours at it).

Presentations

• 10 Things I Want to Show You about Wireshark, Kevan Vanhoff - April 2020

• So You Want to Teach Security? Bully for You!, John L. Whiteman - Dec 2019

• OAuth2-OIDC Single Page Apps, Jake Feasel - July 2019

• OWASP Top 10 for Javascript, Lewis Ardern - Apr 2019

• Breaching Cyber Security Industry, Ryan Krause - Mar 2019

• Building Security, Kendra Ash - Feb 2019

• Docker Exploits, Josh Farwell - Jan 2019

Podcasts

All of our podcasts can be found here:

Contact us if you know someone who would be a great podcast guests:

• Caroline Wong - What a Top Chief Strategy Officer Has to Say About Security These Days

• Jim Manico - “Kūlia I Ka Nu’u” to Be Your Best in Security

• Bruce Schneier - We Live in a Security and Privacy World That Science Fiction Didn’t Predict

• STÖK - What It Takes to Be a Good Hacker

• Terry Dunlap - IoT Security Starts with Getting Rid of Your IoT Devices

• Dr. Linus Karlsson - The Art of Managing Open So

• Terry Tower - Drones Be Hacked

• Andrew van der Stock - OWASP Executive Director - Our Software is the Firewall

• Simon Bennetts and Rick Mitchell - The Great Proxy Wars - ZAP vs. Burp Suite

• Eva Galperin - Director of Cybersecurity at the Electronic Frontier Foundation (EFF) - Go Look Where No One Else is Looking

• Glenn Bravy and Merritt Wilson - Secure Code Warrior - Are Some Languages More Dangerous Than Others?

• Jake King - Linux Cloud and Endpoint Security - Do It Wisely. Make it Easy

• Eric Higgins - Security From Zero: Practical Security for Busy People

• Mike Goodwin and Jon Gadsden - Threat Dragon is for Threat Modeling. Come Help Build It!

• Ashish Patel - Best Practices for Proactive Cloud Security

• Theresa Masse - Department of Homeland Security - Tips,Tricks and Free AppSec Services from the DHS - Stay Protected from the New Bad COVID-19 Actors

• John Andersen - The Easiest Way to Use Machine Learning for AppSec (DFFML)

• Tanya Janca - SheHacksPurple - Some of the Best AppSec Advice You’ll Ever Hear Here!

• Laura Chappell - Inspiring the Next Generation of Security People to Do Wireshark Packet Analysis on the Interplanetary Internet

• Kaliya Young - How We See Identity for Authentication Needs to Change

• U.S. Senator Ron Wyden (OR) - Election Security, Mind Your Own Business Act, Encryption Weakening, NSA Surveillance, FISA, SIM Swapping and STEM Initiatives

• Ian Melven - Playing the Long Game in Infosec

• Mark Curphey - Founder of OWASP - Security. Don’t Be Shy. Just Ask!

• Chad Holmes - CMD+CTRL Web Application Cyber Range

• Aaron and Ray - Application Security. It’s Really About the Code!

• Ryan Krause - Some Good Advice For Those Who Want to Become Pen Testers

• Patterson Cake - Overcoming Your Greatest InfoSec Adversary: You!

• Adam Shostack - Threat Modeling

• David Quisenberry & Ben Pirkl - OWASP Top 10 / Juice Shop Hack Session

• Alex Ivkin - Container Security

• Justin Angra - Intro to Chrome Exploitation

Videos

All of our videos can be found on our OWASP PDX YouTube channel here:

• Brian Myers - XXE for Dummies (or How to Make an XML Parser Send You Files) (OWASP Portland, Oregon)

• Wenjing Wu - Game to Dethrone: A Least Privilege CTF (OWASP Portland, Oregon)

• Dr. Wu-chang Feng / Nicholas Springer - Thunder CTF: Learning Cloud Security on a Dime (OWASP PDX)

• Roop Kaur - Automate OWASP ZAP (OWASP Portland, Oregon)

• Sam Lemly - Secure Code Warrior Tournament Overview (OWASP Portland, Oregon)

• Clint Gibler - Detect Complex Code Patterns Using Semantic Grep (OWASP Portland, Oregon)

• Brian Ventura - Crypto 101 (OWASP Portland, Oregon)

• Kevan Vanhoff - 10 Things I Want to Show You about Wireshark (OWASP Portland, Oregon)