OWASP San Antonio

Welcome

Welcome to OWASP San Antonio Chapter, a regional city chapter within OWASP. Our Chapter serves San Antonio region as a platform to discuss and share topics all around information and application security.

Anyone with an interested and enthusiastic about application security is welcome. All meetings are free and open. You do not have to be an OWASP member.

Referrals to this website or to individual meetings to colleagues or acquaintances are welcome.

What’s going to happen?

To be announced via our OWASP San Antonio Chapter Meetup Group. We usually have a talks that related to information and application security.

Further Notes

Please join our OWASP San Antonio Chapter Meetup Group for timely updates on our OWASP Chapter San Antonio Meetup.

Upcoming Events

🎉OWASP San Antonio Quarterly Chapter Meeting (and Happy Hour after)🎉

Presentation : AppSec War Stories: A Fun Discussion of In-the-Trenches Warfare

When: September 19th, 2025 (Friday) Presentation Session: 11:00am- 2:00pm Happy Hour: 2:30 pm - 4:00pm

Where: Hybrid Event

Featured Presentations:

Securing Today, Safeguarding Tomorrow: A Guide to App and AI Security - Andrew Gordon, Sr. Sales Engineer, Snyk
This talk challenges the traditional, reactive approach to application security, where developers get stuck fixing issues weeks after they’re created. We’ll show how new tools and processes can empower developers to integrate security directly into their workflow, making it an efficient part of the development process.

Finally, we’ll look at the emerging security challenges presented by AI. We’ll discuss the new “war stories” we anticipate seeing, and what developers need to know to secure both today’s applications and the AI-powered systems of tomorrow.

Lessons Learned in Application Security from Log4j: A Wake-Up Call for the Industry - Chris Young, Product Manager, OpenText
To explore key takeaways from the Log4j vulnerability (Log4Shell) and how it reshaped the approach to application security, particularly in open-source and enterprise software environments.

Agentic AI for Threat Modeling - Joseph Gregorio, VP Application Security, Frost Bank This session explores how agentic AI systems can be applied to threat modeling, enabling more autonomous, adaptive, and scalable approaches to identifying and analyzing security risks. Attendees will learn how these emerging technologies can complement traditional methods and enhance overall risk management.

Security Panel: AppSec Futures – Opportunities and Challenges
Topics of discussion will cover Agentic AI, defending against AI-powered attacks (deepfakes, phishing, social engineering, etc.), securing the expanded attack surface for APIs and Microservices, emerging threats from Quantum Computing, and preventing Supply Chain attacks.

Panelists

  • Eddie Contreras - CISO - Frost Bank
  • John Dickson - CEO - ByteWhisper
  • Chris Young - Product Manager - OpenText
  • Facilitator: Joseph Gregorio - VP Application Security - Frost Bank

Featured Speakers and Panelists

  • Eddie Contreras - CISO - Frost Bank
    Edward has spent his career protecting companies and organizations from cyber risk and crime. He has guided companies through global breaches, cyber and digital transformation, and risk management. He spent 22 years in the Army as a signal Warrant Officer with deployments to combat zones and earning a bronze star in the process. His core expertise has positioned him to lead cyber teams at systemically important financial institutions while enabling business success with minimal risk exposure. He is currently the Sr. Executive Vice President and Chief Information Security Officer at Frost Bank in San Antonio, Texas.

  • John Dickson - CEO - ByteWhisper
    John Dickson is CEO of Bytewhisper Security and an internationally recognized cybersecurity leader who has advised organizations on cybersecurity risk for over 25 years. John was a Principal at Denim Group where he guided that company to a successful acquisition by Coalfire in 2021. A former U.S. Air Force intelligence and cyber officer, Dickson served in the Air Force Information Warfare Center (AFIWC) and was a member of the Air Force Computer Emergency Response Team (AFCERT) in the 1990s. John has been researching and speaking about the convergence of artificial intelligence and cybersecurity and its impact on organizations since 2018.

  • Chris Young - Product Manager - OpenText
    Chris is a Full-Stack Developer and Cybersecurity Specialist with expertise in Application Security, DevSecOps, Data Protection, Identity, and Security Operations. Over the past 14 years at OpenText, he has held strategic sales roles spanning Engineering, Professional Services, Big Data Analytics, and Enterprise Computing. Previously, he led Application Development at Citizens Bank, launching their first online and mobile banking platforms. He began his tech career at Humana, building large-scale logistical and linear regression models foundational to machine learning. Chris is a Lean Six Sigma Black Belt and a 1997 graduate of the U.S. Military Academy at West Point.

  • Andrew Gordon - Senior Sales Engineer - Snyk
    Andrew Gordon is a seasoned IT professional and application security advocate with over two decades of experience leading enterprise-scale technology transformations. Before joining Snyk as a Senior Sales Engineer, Andrew held pivotal roles across industries, including serving as Director of IT at Spectrum and leading application delivery at Reinsurance Group of America. His background spans project and product management, software development, and systems integration—particularly in CRM, ERP, and quote-to-cash (Q2C) environments. Known for building high-performing, globally distributed teams, Andrew brings a deep understanding of both business strategy and technical execution. He holds certifications including Certified Scrum Master, SAFe 4 Agilist, and ITIL Foundations.

  • Joseph Gregorio - VP Application Security - Frost Bank Joseph Gregorio is the Vice President of Application Security at Frost Bank, bringing over 30 years of experience in Information Technology. His career spans software product development, application security, third-party risk management, governance, risk and compliance, and business continuity. Joseph’s diverse background includes leadership roles across the Department of Defense, telecommunications, financial services, and banking industries. He holds multiple professional certifications, including CISSP, CSSLP, GSEC, CGEIT, and PMP. Joseph earned a Master’s in Computer Information Systems from the University of Denver and an MBA from Colorado State University.

Additional Meeting Details

  • Lunch Provided
  • Happy Hour & Demo Lab networking after session!!!

Happy Hour - Sponsors

  • Opentext
  • Synk
  • Bytewhisper
  • Wallarm

Future Presentation Topics To Vote On

  • ASPM
  • Bug Bounty Programs: Successes and Failures
  • Pentest
  • Ransomware
  • DevSecOps - Security as Code
  • Security Controls for AI

Speaking at OWASP San Antonio Chapter Events

Call For Speakers is open - if you would like to present a talk on Application Security at future OWASP San Antonio Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leaders via e-mail.

Watch Star