OWASP Salt Lake

Local News

Meeting Location

Everyone is welcome to join us at our chapter meetings.





Past Events

See all recent events in MeetUp.

February 22, 2022 - Mobile App Pen testing

Thursday, January 12

  • Developer Training
  • Round Table Discussion

On November 22nd we met and talked about:

  • OWASP’s new Top 10 2021
  • The OWASP Top 10 is almost entirely categories now, with SSRF the last Top 10 entry that sounds like a single vulnerability; most are collections of dozens of CWEs
  • XSS is now part of the broad injection category, but in some ways a lot of these could be folded into even broader categories in the same way; there’s a lot of overlap, as illustrated by a Venn diagram that was shared, but it was for the 2017 Top 10
  • Lots of companies use the OWASP Top 10 for training
  • Top 10 can also be used for threat modeling/checklists or as a way to check tool/process coverage (e.g., does tool X find OWASP Top 10 A??)

September 29, 2021

  • Career progression in AppSec (from entry level up to technical tracks and management),
  • How participating in conferences and events (e.g., CTF) can help entry level candidates,
  • Impostor syndrome is common in this industry, and we all often have to look things up, refresh our memory, or learn something new,
  • How technical leaders provide value by “scaling their services” (helping others be more effective).