OWASP Tampa
Welcome to the Tampa OWASP Chapter!
Welcome to the Tampa chapter of the Open Web Application Security Project (OWASP), a nonprofit foundation that works to improve the security of software. Our chapter is open to anyone interested in learning more about application security and cybersecurity, regardless of one’s level of expertise, background, or profession. We aim to provide a welcoming, inclusive, and educational environment for all our members.
Who We Are
OWASP is a global community that drives visibility and evolution in the safety and security of the world’s software. The Tampa OWASP chapter is part of this larger organization, focusing on local events, meetups, and initiatives that foster awareness and understanding of security best practices in the Tampa area.
Our Mission
Our mission is to:
- Educate individuals and organizations on the importance of secure software development and best practices in application security.
- Provide a forum for networking and collaboration among the cybersecurity community in Tampa.
- Encourage the contribution to and usage of open source security tools and resources.
Meetings and Events
We hold regular meetings and events including:
- Quarterly Meetups: Featuring presentations from security experts on various topics related to application security and cybersecurity trends.
All our events are free and open to anyone who wishes to attend.
Get Involved
There are many ways to get involved with the Tampa OWASP chapter:
- Attend our meetups and events: Keep an eye on our Meetup page for upcoming events.
- Speak at an event: We’re always looking for new speakers and topics. If you’re interested in presenting, please contact us.
- Volunteer: Help us organize events, manage our community outreach, or contribute to our projects.
- Sponsor: If your organization is interested in supporting our chapter, please reach out for sponsorship opportunities.
Stay Connected
- Meetup: OWASP Tampa Chapter Meetup Page
- LinkedIn: Join our LinkedIn group for professional networking.
- Facebook OWASP Tampa Chapter Facebook Page
Contact Us
For any questions or more information, please email any of our organizers.
We look forward to seeing you at an upcoming event and joining our efforts to improve software security in the Tampa area!
OWASP Tampa Chapter 2025-May Lunch and Learn
Crowdsourced Security in Practice: Lessons from the Frontlines
- by: Bugcrowd
Date:
- Friday, May 16, 2025
Venue:
- 3030 N Rocky Point Drive W, Ste 600 · Tampa, FL
- Free Parking available
Time:
- 11:15am to 1:15pm
Registration: https://www.meetup.com/owasp-tampa/events/307289782
Description: Crowdsourced Security in Practice: Lessons from the Frontlines
As threats evolve faster than ever, traditional security models struggle to keep pace. Enter crowdsourced security—a model that taps into the global hacker community to uncover vulnerabilities before adversaries do. In this session, we’ll explore how Bugcrowd is helping organizations—from startups to the federal government—scale their security programs through managed bug bounty, vulnerability disclosure, and penetration testing. We’ll walk through real-world lessons learned, common pitfalls, and how aligning with frameworks like OWASP Top 10 enhances outcomes. Whether you’re an AppSec professional, pentester, or just curious about the power of ethical hacking at scale, this session will provide insights you can take back to your own environment.
Agenda:
- 11:15am - Registration and Lunch
- 12:15pm - Speaker - Jason Mueller - Crowdsourced Security in Practice: Lessons from the Frontlines
- 1:15pm - Depart
Speakers
Jason Mueller is a cybersecurity professional and former U.S. Navy cryptologist with over 20yrs of hands-on experience in cyber operations. Having worked across government, defense, and commercial sectors, Jason brings a unique perspective on the evolving threat landscape and how organizations can stay ahead of it. At Bugcrowd, he helps security teams harness the power of crowdsourced security to identify and remediate risk at scale. With a background rooted in operational security and a deep appreciation for the hacker mindset, Jason is passionate about helping organizations adopt modern, proactive approaches to cybersecurity that are both practical and impactful.
Location
- This is an in-person and streaming events is available.
- GuidePoint Security 3030 N Rocky Point Drive W, Ste 600 · Tampa, FL
- Free Parking available
Past Events and Presentation Archives
2025-March - AI is here for business users. What does that mean for AppSec? - Sponsor - Zenity and OWASP Tampa Chapter
2025-Q1 - API Security Blunders: Tales from the Cyber Trenche - Sponsor - Traceable and OWASP Tampa Chapter
2024-Q3 - SCA in the world of AI: With the rise in AI, there is more focus on Python dependency management and SCA scanning. - Sponsor - Endor Labs and OWASP Tampa Chapter
2024-Q2 - OWASP Tampa Chapter 2024-Q2 Lunch and Learn: From Reactive to Effective: Building Application Security that Works - Sponsor - Mend and OWASP Tampa Chapter
2024-Q1 - OWASP Tampa Chapter 2024-Q1 Lunch and Learn: Appsec in an AI-powered world - Sponsor - Qwiet.AI and OWASP Tampa Chapter
2023-Q4 - OWASP Tampa Chapter Q4 End of Year Minicon: The Future of Cybersecurity and Beyond - Sponsor - Tampa Bay ISSA Chapter and OWASP Tampa Chapter
2019-Q1 - Application Security in an Ever Changing Digital Landscape - Trace Hollifield - Presentation Slides here
2016-Q4 - Mark Villinski, Kaspersky - Unlock the Key to Repel Ransomware, Major General Oleg D. Kalugin, Formerly with KGB and author of “Spymaster”, John Ford- Defend Trade Secrets Act of 2016, Steve Obeck, Tanium- Security Hygiene, Jeremy Rasmussen, Cybersecurity Director of Abacode - “Incident Response and Investigations: Tales from the Trenches”
2016-Q3 - Red Team Operating in a modern environment - Jonathan Echavarria - Presentation Slides here
2016-Q2 - OpenSAMM Software Assurance Maturity Model - Eoin Fitzpatrick
- Presentation Slides here
2016-Q1 - AppSec Pipeline: Application Security in a world of Agile Development, Continuous Change and DevOps - Doug Morato - Presentation Slides here
2015-Q4 - Care & Feeding of Programmers-Addressing App Sec Gaps with Headers - Sunny Wear - Presentation Slides here
2015-Q4 - Secure Session Management - Brian Beaudry - Presentation Slides here
OWASP Tampa Day 2014 - Shadow IT Does Not Have To Be Shady - Scott VanWart - Presentation Slides here
OWASP Tampa Day 2014 - Offensive Mobile Forensics - Joey Peloquin - Presentation Slides here
OWASP Tampa Day 2014 - OWASP Top 10 for MVC 4 and Greater - James Davis
- Presentation Slides here
OWASP Tampa Day 2014 - Application Centric Mobile Application Security Model - Daniel Bender - Presentation Slides here
OWASP Tampa Day 2014 - Intern down for what? - Tony Turner - Presentation Slides here
2014-Q3 - Do we really know the OWASP Top 10? - Jon Singer - Presentation Slides here
2014-Q1 - Herding Cats - Carl Brothers - Presentation Slides here
2014-Q1 - The Enemy Within - Ramece Cave - Presentation Slides here
OWASP Tampa Day 2013 - Securing Your Applications’ Data With Web Application Firewalls - Dennis K. Usle - Presentation Slides here
OWASP Tampa Day 2013 - Bring Your Own Service - Doug Maul - Presentation Slides here
OWASP Tampa Day 2013 - Design Consideration & Guiding Principles for Implementing Cloud Security - Bill Sterns - Presentation Slides here
OWASP Tampa Day 2013 - Let’s Get Right To The Endpoint - Mel Pless - Presentation Slides here
OWASP Tampa Day 2013 - Vulnerability Management That Works - Tony Turner
- Presentation Slides here
2012-Q3 - Taming the B.E.A.S.T. - Richard Newman - Presentation Slides [https://www.owasp.org/images/1/10/Taming_the_B.E.A.S.T..pdf here]
OWASP Tampa Day 2012 - Changing the Game - Jason Kent - Presentation Slides here
OWASP Tampa Day 2012 - MDM Technical Presentation - Keith Katz - Presentation Slides here
OWASP Tampa Day 2012 - Federated Identities in the Real World - Nathan Sargent - Presentation Slides here
OWASP Tampa Day 2012 - Define and Optimize Your Approach to Application Security - Bruce Jenkins - Presentation Slides here
OWASP Tampa Day 2012 - Anonymous: Lessons Learned - Bill Church - Presentation Slides here
2012-Q1 - Protecting Against SQLi in Real-Time - Stuart Hancock - Presentation Slides here
2011-Q4 - How Not to Build Android Apps - Jack Mannino - Presentation Slides here
2011-Q4 - Behind Enemy Lines: Practical & Triage Approaches to Mobile Security Abroad - Justin Morehouse - Presentation Slides here
2011-Q3 - Hiding in Plain Sight - Ramece Cave - Presentation Slides here
2011-Q3 - PCI Compliance 2.0 - Kate Mullin - Presentation Slides here
OWASP Tampa Day 2011 - PCI for Developers: Lessons from the Real World - Trevor Hawthorn - Presentation Slides here
OWASP Tampa Day 2011 - Top Website Vulnerabilities: Trends, Business Effects and How to Fight Them - Rinaldi Rampen - Presentation Slides here
OWASP Tampa Day 2011 - How to Defend the Universe from Evil-doers: A Guide for Software Developers and Security Teams - Bruce Jenkins - Presentation Slides here
OWASP Tampa Day 2011 - Analysis of Deadly Combination of XSS and CSRF - Sherif Koussa - Presentation Slides here
2011-Q1 - Real Lessons of Deploying Static Analysis in Development Groups - Jeff LoSapio - Presentation Slides here
2011-Q1 - Intelligence Gathering for Penetration Testers: Opening Doors with Metadata - Chris Patten - Presentation Slides here
2011-Q1 - Vulnerability Management in an IPv6 World - Richard Newman & Brett McKinney - Presentation Slides here
2010-Q4 - Nessus Bridge for Metasploit - Zate Berg - Presentation Slides here
2010-Q2 - Stealing Guests…The VMware Way - Justin Morehouse & Tony Flick - Presentation slides here
2010-Q1 - The New World of Smartphone Security - Trevor Hawthorn - Presentation slides here
2009-Q3 - Hacking the Smart Grid - Tony Flick - Presentation slides here
2009-Q2 - Open SAMM - Zate Berg - Presentation slides here
2009-Q1 - XSS Anonymous Browser - Matt Flick - Presentation slides here
2008-Q4 - Google Code Search : The pitfalls of Copy/Paste - Tony Flick - Presentation slides here