OWASP San Antonio

Welcome

Welcome to the OWASP San Antonio Chapter, a regional city chapter within OWASP. Our chapter serves the San Antonio region as a platform to discuss and share topics across information and application security.

Anyone interested in and enthusiastic about application security is welcome. All meetings are free and open. You do not have to be an OWASP member.

You are welcome to refer colleagues or acquaintances to this website or to individual meetings.

What’s going to happen?

To be announced via our OWASP San Antonio Chapter Meetup Group. We usually have talks related to information and application security.

Further Notes

Please join our OWASP San Antonio Chapter Meetup Group for timely updates on our OWASP Chapter San Antonio Meetup.

Upcoming Events

🎉OWASP San Antonio Supply Chain Security Summit (and Happy Hour after)🎉

Presentations and Security Panel: Supply Chain Security and AI-Enabled Threats

Call for Sponsorships and Papers:
We are now accepting presentation abstracts and sponsorship inquiries. Please send submissions to [email protected].

Selections for sponsors and presentations will be finalized soon, so please submit early for full consideration.

> When: Friday, Jun 12 · 11:00 AM to 3:00 PM CDT

> Presentation Session: 11:00am - 3:00pm

> Happy Hour: 3:00pm - 4:30pm

> Where: Hybrid Event

  • On-site: Scuzzi’s Italian Restaurant – 4035 N Loop 1604 W #102, San Antonio, TX 78257
  • Virtual: Zoom details below

Event Overview

Join us for a deep dive into one of the most critical and rapidly evolving fronts in cybersecurity: supply chain security. From compromised vendors and poisoned dependencies to AI-enabled attack campaigns, today’s threat landscape is no longer isolated — it is interconnected, automated, and operating at unprecedented scale.

This summit brings together real-world threat intelligence, incident-driven insights, and practitioner-led discussions to examine how modern supply chain attacks actually unfold and what it takes to defend against them. We will explore how adversaries are leveraging AI to accelerate reconnaissance, impersonate trusted entities, and exploit gaps across software, hardware, and third-party ecosystems.

Whether you’re responsible for application security, third-party risk, detection engineering, or incident response, this session will provide actionable strategies to better understand, detect, and reduce supply chain exposure in an era of continuous, intelligent attack.


Mapping the Kill Chain: How Supply Chain Attacks Actually Unfold

Speaker: TBD

This presentation breaks down real-world supply chain attack sequences from initial compromise to lateral movement and data exfiltration. We will analyze attacker methodologies across vendor ecosystems, software dependencies, and hardware channels, highlighting where traditional defenses fail.

Topics include:

  • Common supply chain attack paths and kill chain stages
  • Threat actor tactics, techniques, and procedures (TTPs)
  • Detection gaps and incident response challenges
  • Lessons learned from recent high-impact breaches

AI-Enabled Attacks: New Vectors, Amplified Scale

Speaker: TBD

Adversaries are increasingly weaponizing AI to scale and automate their operations. This session explores how large language models and AI tooling are used to forge identities, exploit dependency ecosystems, and accelerate vulnerability discovery.

Topics include:

  • How AI is used in modern attack campaigns
  • Real-world examples of AI-assisted threats
  • Risks such as model poisoning and data manipulation
  • Defensive considerations for AI-driven attack surfaces

Threat-Informed Defense: Reducing Exposure Across the Supplier Ecosystem

Speaker: TBD

Defending against supply chain threats requires more than visibility; it requires operationalizing threat intelligence. This talk focuses on practical strategies to monitor, verify, and contain risk across third-party relationships.

Topics include:

  • SBOM implementation and enforcement
  • Continuous supplier monitoring strategies
  • Trust verification and zero trust principles for vendors
  • Response strategies when a supplier is compromised

Security Panel Discussion: The Supply Chain Threat We’re Not Ready For

This panel brings together practitioners to discuss the most under-addressed risks in today’s supply chain landscape. From open source dependencies to AI model supply chains, panelists will explore where organizations remain vulnerable and what needs to change.

Discussion themes:

  • Gaps in current supply chain security practices
  • Accountability between vendors and customers
  • Regulatory and governance challenges
  • Emerging risks across AI and critical infrastructure dependencies

Facilitator: Joseph Gregorio, President OWASP San Antonio, VP Application Security Frost Bank


Additional Meeting Details

Lunch: $20 paid in person or via our Square account.

Square payment link:
https://square.link/u/kiJwhMJj

Location:
Scuzzi’s Italian Restaurant
4035 N Loop 1604 W #102
San Antonio, TX 78257

HAPPY HOUR & NETWORKING after session!!!

Happy Hour Sponsors:
To Be Announced


Virtual Meeting Details

Join Zoom Meeting
https://us06web.zoom.us/j/88075094983?pwd=HgD51ImqU3vbgKfJVpUhAc5mvqL5Ow.1

Meeting ID: 880 7509 4983

Passcode: 840262


We encourage everyone to attend in person. We will have door prizes and excellent food for all to enjoy, along with a great opportunity to connect with fellow security professionals.

Please feel free to pass this information on to your peers and team members. 😊


Future Presentation Topics To Vote On

  • Post-Quantum Computing
  • ASPM
  • Pentest
  • Ransomware
  • DevSecOps - Security as Code
  • Security Controls for AI