OWASP Community Meetings

Description: **Hey Everyone,** We're excited to announce our second annual **Off-Grid Campout** this July! Join us for the weekend and enjoy the Aldo site in Provo Canyon. We've reserved a campground for **July 26th-27th**. **Please RSVP**, as our group site has room for 10 cars. **Details:** * **Location:** [Aldo site, Provo Canyon](https://www.recreation.gov/camping/campsites/15948) * **Check-in:** As early as 3 PM, (but come whenever makes sense) on July 26th * **Checkout:** By 12 PM on July 27th Bring your own dinner and breakfast, and enjoy some downtime, and connect with fellow AppSec engineers at the base of the beautiful Cascade mountain. Looking forward to seeing you there!

Description: In today's rapidly evolving digital landscape, securing applications is a critical concern for enterprises. This joint event, organized by the OWASP Cairo Chapter and ISACA Cairo Chapter, aims to equip security professionals, developers, and IT leaders with the knowledge and tools necessary to integrate security throughout the application development lifecycle. The event will feature two key sessions: [10:00 AM - 10:45 AM]⁠ ⁠Integrating Security into the Development Lifecycle: Governance Frameworks and Best Practices [Speaker: Mohamed Alfateh] \- Discover strategies for embedding security within Agile\, Waterfall\, and DevSecOps methodologies \- Explore the security manager's role in fostering collaboration\, driving security awareness\, and measuring the effectiveness of security initiatives [10:45 AM - 11:30 AM]⁠ ⁠Secure Coding Practices for Web Applications [Speaker: Mohammed Sherif] \- Explore secure coding principles and techniques to mitigate common application vulnerabilities \- Learn about secure coding standards\, code review best practices\, and automated security testing Through a combination of expert presentations, interactive discussions, and real-world case studies, attendees will gain a comprehensive understanding of secure application development and the essential role of security governance in empowering enterprises to build secure, resilient, and compliant software solutions.

Description: **Note:** **1\. Participants can attend the event by invitation only\, as we have limited seating\. Venue details will be sent to selected participants\.** **2\. This workshop is intended for peoples who already have basic knowledge in AWS environment only\, not for newbies/beginners\.** **Hacking AWS** An immersive 8-hour workshop designed for Blackbox Pentesters looking to enhance their skills in attacking and exploiting AWS resources. This beginner-friendly session dives deep into AWS security, focusing on identifying and exploiting vulnerabilities in various AWS services. **What You Will Learn** Throughout the workshop, attendees will gain hands-on experience in: \- Enumerating and Reconnaissance: Identifying and mapping AWS resources\. \- IAM Misconfigurations: Exploiting flaws in IAM roles and policies\. \- S3 Bucket Exploitation: Accessing and exfiltrating data from misconfigured S3 buckets\. \- EC2 Instance Attacks: Gaining unauthorized access to EC2 instances\. \- Other Common Misconfigurations: Identifying and exploiting other prevalent AWS vulnerabilities\. **Capture the Flag (CTF) Event** The workshop will conclude with a Capture the Flag (CTF) event, allowing attendees to apply what they've learned in a simulated AWS environment. The CTF event will end on the same day, but the labs will remain accessible for 48 hours post-session for further practice. **Ideal Audience** This workshop is best suited for individuals aiming to work on breaking into AWS environments, including: \- Offensive Security Engineers \- Pentesters Specializing in Cloud Security \- Security Engineers \- Technical Cloud Security Consultants **Not Suitable For** Red Teamers: This session does not cover advanced attack tactics, defense evasion, C2 hosting, or advanced data exfiltration. Blue Teamers & Defenders: Defensive strategies against these attacks are not covered. Beginners to AWS: Basic understanding of AWS and cloud computing concepts is required. Requirements for Participation AWS Account: Each attendee must have their own AWS account with root/admin access. Free tier accounts are sufficient. AWS CLI v2: Must be installed on the attendee's system. Hardware: Attendees must bring their own laptops with internet connectivity. Knowledge Base: Basic familiarity with AWS services and concepts like IAM, Lambda, EC2, etc., is needed. **Kindly Fill this form for registration :** [https://forms.gle/GSTZZmfpEUHiDYHN6](https://forms.gle/GSTZZmfpEUHiDYHN6)

Description: Join us for our 3rd mixer with participating cybersecurity communities in Southern California, enjoy beautiful weather, amazing sunset, great conversations, network with your peers, make new friends! You **don't** have to be a member of any group to participate. Mark your calendars; see you there!! **VENDOR Opportunities Available** *Vendors interested in attending please send an email to [email protected]* **CODE OF CONDUCT** We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here: [https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy](https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy)

Description: **Topic Details** Data management and data governance are two interrelated concepts that are crucial for organizations in today’s data-driven world. Data management is the execution, putting the practices in place to handle data effectively. Data governance sets the direction, outlining the policies and procedures that guide data management activities. In this talk, we will explore in details how data management and data governance play an important role for any application.

Description: **Topic Details** Data management and data governance are two interrelated concepts that are crucial for organizations in today’s data-driven world. Data management is the execution, putting the practices in place to handle data effectively. Data governance sets the direction, outlining the policies and procedures that guide data management activities. In this talk, we will explore in details how data management and data governance play an important role for any application.

Description: 30 minutes of meet-and-greet and Chapter information, then the Presentation! Presentation begins at 12 CDT! Presentation: **Cyber Resilience - Findings from the 2024 Futures Report** We are poised on the precipice of a new era of computing underpinned by new networks, new apps, and a digital-first experience. Hear the latest findings from AT&T Cybersecurity research and learn about: \- What high\-priority edge computing use cases are across seven industry markets \- How to secure and work with the edge ecosystem \- How the attack surface is changing \- How endpoints are diversifying The data from this research helps audiences understand challenges and opportunities of the future and examines: \- Balanced investment strategies \- Collaboration and communication needs \- Building with dynamic cyber resilience in mind Security is now a critical part of business - learn how to move your team to the future!

Description: Przed nami kolejne spotkanie naszej grupy. Mamy dla Was wykład Maćka Kofela o bezpieczeństwie API a w drugiej części proponujemy dyskusję o karierze w IT security. * **Bezpieczeństwo API (Maciej Kofel)** Podczas tworzenia i testowania API często priorytetem są wydajność i funkcjonalność. Ale co z bezpieczeństwem? Czy wiesz, że hakerzy mogą wykorzystać API do wyciągnięcia cennych informacji z Twojej aplikacji lub uzyskania dostępu do Twojego serwera, co umożliwia im dalsze eksplorowanie zasobów Twojej firmy? Na nadchodzącym spotkaniu OWASP zaprezentuję takie przykłady. W mojej prezentacji dowiesz się o lukach z listy OWASP API Top10, które mogą wystąpić w API, poznasz narzędzia i techniki testowania bezpieczeństwa API oraz dowiesz się, gdzie szukać pomocy lub rekomendacji dotyczących łatania tych luk. Ta sesja będzie pełna praktycznych przykładów. Po tej prezentacji, już nigdy nie spojrzysz na API w ten sam sposób. * * **Kariera w branży IT security (dyskusja)** W drugiej części naszego spotkania porozmawiamy o tym jak wejść do branży IT security i jak planować swoją karierę. Zapraszamy zarówno tych którzy dopiero planują rozpoczęcie pracy, tych którzy mają już kilka lat doświadczenia, jak i managerów prowadzących rekrutację. Porozmawiamy o tym co działa a co nie, jaki jest obecny stan rynku pracy, jakie specjalności są dzisiaj a jakie będą w przyszłości, na co warto zwracać uwagę planując swoją karierę w IT security.

Description: Únete a nosotros para una conversación en modo conspiranoico, acerca de los riesgos y oportunidades que ofrecen nuestro sw y herramientas cotidianas. A priori, analizaremos los super-poderes del navegador CHROME, BRAVE, y otras funciones de tu notebook y smartphone. Aprende y previene, para evitar posibles vulnerabilidades y malas prácticas que podrían comprometer tus proyectos.

Description: Hello everyone, we're excited to invite you to our OWASP Chapter meeting #66! Our Chapter serves central Germany, particularly within the Rhine-Main (Hesse) region, as a platform to discuss and share information and application security topics. Anyone who is interested and enthusiastic about application security or security in general is welcome. All meetings are free and open. You do not have to be an OWASP member. There will also be plenty of time to socialize before and after the event. _What are we going to talk about? **1\. Talk:** **Security at Scale - Mastering Cloud Security in the Cyberwar Era** *Dominik Sowinski, Cybersecurity Architect & Cybersecurity Community Lead, Siemens* In the midst of rapid cloud transformation, industrial organisations face an ever-evolving cyber threat landscape, exacerbated by global events such as the war in Ukraine. This presentation will address the latest APT activities and the significant risks they pose to cloud infrastructures and critical industrial operations. We will explore cutting-edge strategies, technical considerations and essential processes to rapidly adapt and secure cloud environments at scale against these relentless threats. The presentation will help you understand how to fortify cloud applications and infrastructure in this dynamic threat landscape. **2\. Talk: Let's talk vulnerabilities** *Vinit K., Independent security research and threat hunting* A talk and live demo on cybersecurity threats involving terminal emulators and SSH. We will explore how URL handling in iTerm2 and Hyper can be abused for code execution, as well as delve into the recent CVE-2023-51385 vulnerability, which allows unexpected code execution via SSH ProxyCommand. The session will include interactive segments where the audience can contribute exploit ideas and deepen their understanding of these critical security issues. _Afterwards? We will pre- and conclude the evening with the possibility of **socializing** at the venue with **free food and cold & hot drinks**. For everyone who's interested, we will continue socializing at the Bockenheimer Weinkontor afterward. _When? Our Meetup takes place on 31.07.2024 from 18.00 to 21.30 o'clock CEST. _Where? CHECK24 Frankfurt is located at Speicherstraße 55 in Frankfurt am Main, ca. 15min within walking distance of Frankfurt Hauptbahnhof. _Interested in **giving a talk** yourself? Submit your talk here: https://www.papercall.io/owasp-chapter-frankfurt _And now? Save the date, **spread the word,** and bring your friends and colleagues along to our event. _Follow Us! Also, follow us here and refer to our [OWASP Frankfurt site](https://owasp.org/www-chapter-germany/stammtische/frankfurt/) for information, including slides and recordings of previous presentations We're looking forward to seeing you at our event!

Description: G'day all, We had a great meetup last month. Thank you to those that attended. To make it easier, let's call this new format "Practitioner's Roundtable". We'll keep this going for the rest of this year. Following the survey last month of when you'd like to have these meetings, 66.7% of you told us you'd prefer the last Wednesday of the month - so, it shall be. In our last meetup, attendees voted for [Dr. Watson's Bar in the CBD](https://www.thesherlockholmes.com.au/dr-watsons-bar/) as our location this month. On 31st July 2024 6PM, there we shall meet. *There's NO BOOKING. If you're the first to arrive, please grab a table for the group and post a picture of the table's location in the comments of this meetup event. We'll use it to locate each other. (If you don't see a post, you're lucky first. Please grab us a table and post a pic.* \*)\* Please remember to update your RSVP if you can no longer attend. Even if it's just 30 minutes prior. It'll help whomever that arrives first know how big a table to get. We're looking forward to the discussions we had once again. See you there. More details on the format, and what to expect below: **The Practitioner's Roundtable** It's a monthly meetup, for AppSec/ProdSec practitioners to participate discussing AppSec/ProdSec topics and share knowledge. There's no speakers, or sponsors; just a facilitator, with the expectation that you'll join the conversations. Broadly, the idea is that you're swinging by after work, for a regular catch-up with our peers over dinner (with F&B at your own cost) with a known format. \-\-\- **So, what's happening?** The format: 1. At 6pm all attendees arrive, and order (and pay for) their own meals - we'll do the rest while waiting for the meals to arrive and as we eat. 2. All attendees write down on a card 1-2 AppSec/ProdSec related topics they'd like to discuss. 3. We'll all each cast 3 votes on the cards we'd like to discuss. 4. We'll sort the cards, and discuss the topics with the top 3-4 highest votes. Starting with the topic with the highest votes. 5. After 5(?) minutes, we all decide if we'd like to continue or move on to the next topic. 6. If we continue, after 15(?) minutes, we all move on to the next topic of discussion. 7. At 7pm, we wrap up and officially end. Before everyone leaves, we vote on the next restaurant that we'll meet at. This is [inspired by Lean Coffee](https://agilecoffee.com/leancoffee/), and intended for participants to be collaborators in the conversation focused on AppSec & ProdSec topics. For the location selection, here are the considerations we work with: 1. It must be within 1 "city block" of the Melbourne Free Tram Zone. 2. The typical price for a whole meal (without alcohol) should be under $50 per person. 3. It must allow individual orders - you'd be ordering and paying for your own meal. 4. It will need to have seating space for the group to say, just walk-in to the restaurant ( this may change if it grows beyond 10 regular attendees ). 5. It must be quiet enough for us to have meaningful conversations. 6. It must not be a restaurant we've been to in the past 6 months. (Just to keep things fresh ) Also, although we use the word “restaurant” this is used broadly to mean food establishment - if we’re all keen on hitting up a decent kebab place, that works. As a courtesy to the venue, there's an expectation that you'd order something there. See you there. Thank you.

Description: OWASP Yerevan July meetup agenda: 1. LETS NOT GET HACKED: some vulnerabilities and how to avoid them - Davit Karapetyan 2. Details about the cameras draft law - Artur Papyan Location: American University of Armenia Room number 314W in Paramaz Avedisian building (PAB, second/new building).

Description: Hello everyone, we're excited to invite you to our OWASP Chapter meeting #66! Our Chapter serves central Germany, particularly within the Rhine-Main (Hesse) region, as a platform to discuss and share information and application security topics. Anyone who is interested and enthusiastic about application security or security in general is welcome. All meetings are free and open. You do not have to be an OWASP member. There will also be plenty of time to socialize before and after the event. _What are we going to talk about? **1\. Talk:** **Security at Scale - Mastering Cloud Security in the Cyberwar Era** *Dominik Sowinski, Cybersecurity Architect & Cybersecurity Community Lead, Siemens* In the midst of rapid cloud transformation, industrial organisations face an ever-evolving cyber threat landscape, exacerbated by global events such as the war in Ukraine. This presentation will address the latest APT activities and the significant risks they pose to cloud infrastructures and critical industrial operations. We will explore cutting-edge strategies, technical considerations and essential processes to rapidly adapt and secure cloud environments at scale against these relentless threats. The presentation will help you understand how to fortify cloud applications and infrastructure in this dynamic threat landscape. **2\. Talk: Let's talk vulnerabilities** *Vinit K., Independent security research and threat hunting* A talk and live demo on cybersecurity threats involving terminal emulators and SSH. We will explore how URL handling in iTerm2 and Hyper can be abused for code execution, as well as delve into the recent CVE-2023-51385 vulnerability, which allows unexpected code execution via SSH ProxyCommand. The session will include interactive segments where the audience can contribute exploit ideas and deepen their understanding of these critical security issues. _Afterwards? We will pre- and conclude the evening with the possibility of **socializing** at the venue with **free food and cold & hot drinks**. For everyone who's interested, we will continue socializing at the Bockenheimer Weinkontor afterward. _When? Our Meetup takes place on 31.07.2024 from 18.00 to 21.30 o'clock CEST. _Where? CHECK24 Frankfurt is located at Speicherstraße 55 in Frankfurt am Main, ca. 15min within walking distance of Frankfurt Hauptbahnhof. _Interested in **giving a talk** yourself? Submit your talk here: https://www.papercall.io/owasp-chapter-frankfurt _And now? Save the date, **spread the word,** and bring your friends and colleagues along to our event. _Follow Us! Also, follow us here and refer to our [OWASP Frankfurt site](https://owasp.org/www-chapter-germany/stammtische/frankfurt/) for information, including slides and recordings of previous presentations We're looking forward to seeing you at our event!

Description: Since 4/25/24: discussions on AI and LLM's generally and the Coursera Prompt Engineering series from Vanderbilt specifically. We are now studying ChatGPT Advanced Data Analysis.... For General Study Group info, see #studygroup in OWASPAustin Slack For topic specific info, see #ai in the OWASPAustin Slack

Description: No dia 03 de agosto, a **OWASP Belém** é um dos capítulos brasileiros entre os mais de 200 capítulos ativos em todo o mundo. Nosso objetivo é disseminar a missão da OWASP, tornando a segurança das aplicações visível, para que as pessoas e organizações possam tomar decisões conscientes sobre os verdadeiros riscos de segurança das aplicações. Além disso, estamos empenhados em promover práticas de computação forense, ajudando a identificar, preservar, analisar e apresentar evidências digitais de forma adequada. A computação forense é essencial para a investigação de incidentes de segurança, permitindo que as organizações compreendam as origens e impactos de ataques, além de reforçar suas defesas contra futuras ameaças. **Data:** 03/08/2024 * **Horário:** 8h30m. * **Local:** UEPA * **Endereço**: Tv. Dr. Enéas Pinheiro, 2626 - Marco - UEPA * Inscrição: https://bit.ly/owaspuepa Confira a programação: **08h30m:** Abertura **09h00:** Apresentação OWASP **09h15 - 09h45:** Em breve. **10h - 10h45:** Em breve**.** **10h45 - 11h00:** Intervalo / Networking **11h15 - 11h45:** Em breve.

Description: Hello hackers, security enthusiasts, and the like. For this upcoming OWASP meetup we are going to do things a little different. Over the past few years, we have presented on numerous web /API vulnerabilities, this time we are going to exploit some of these weaknesses!! Yes, that’s right, less talking more hacking! As we have a mixed group of attendees, including executives, students, developers, security experts and enthusiasts, and to stay on brand :D, let’s focus on exploiting vulnerabilities present within Try Hack Me’s OWASP Juice Shop. Listed below are the things you will need to participate: · Laptop (one that can be used for exploiting weaknesses (Try Hack Me’s OWASP Juice Shop), perhaps not a corporate laptop :D) · Internet (Mobile hotspot in case the venue’s Wi-Fi cannot be used for any reason) · Try Hack Me account (Can be a free version) · Optional – Linux based VM + Try Hack Me VPN if you prefer to test from a local machine. Otherwise, you can spin up a cloud based Try Hack Me Linux based VM to conduct testing from. For those that have already completed this room well done!! Feel free to attend and perhaps pick another room or HTB to focus on, attend for the vibes/social aspect For those who have never performed pen testing of any kind, no stress, we can provide support/answer any questions that you may have. This is a judgement free zone, there are no dumb questions!! Hope to see you all there Venue will be announced soon (Brisbane CBD)

Description: **Introduction to DevSecOps with GitHub Actions** (45 min) GitHub Actions are a powerful way to automate your development pipelines. This talk will give you a foundational understanding of GitHub Actions with enough knowledge to start integrating security scans. We will start with the fundamentals of GitHub Actions and put those into practice with a Hello World test. Then we will look at how to create a dashboard that displays the current state of your repository. Finally, we will resolve one of the failing dashboard metrics by implementing an automated scan. This is intended to be a hands-on talk. Bring your laptop and set up a GitHub account before the meeting begins.

Description: Interested in application security? Or have you been wanting to get into open source but aren't sure where to start? Come to our Bug Bash! We'll provide an overview of the [OWASP Cheat Sheet Series](https://cheatsheetseries.owasp.org/) project, a collection of articles on specific application security topics. Then we'll dive into the project's GitHub repository and start hacking away at issues. We'll have mentors on hand to help you get started and answer any questions you have. All skill levels are welcome! Never submitted a pull request before? No problem! We'll walk you through the process and help you get your first open source contribution under your belt. Are you an expert in one specific area of application security? Come contribute to the project by writing a new cheat sheet or improving an existing one. Just getting started? Come and learn from experts, and contribute by fixing typos, improving formatting, or adding examples to existing cheat sheets. You don't need to be a technical expert to participate in open source! Have tons of experience? Come help mentor others and review their pull requests. We'll unleash the group on the project and see how much we can accomplish in a couple hours. There will be food for all attendees, and we'll have special **awards** for the top contributors in various categories. **Bring your laptop! Make sure you're set up with a GitHub account, and ideally have Git installed on your laptop.** **This meeting will be in-person! Thank you to Kroger for hosting at their Kroger Blue Ash Technology Center. For security, RSVP by 2 days prior to the meeting is required. Include your first and last name with your RSVP.** **Sponsored by [Traceable](https://www.traceable.ai/)**

Description: **When:** Thursday, August 8th, 5:30 pm - 7:30 pm **Where:** Lavaca Street Bar at the Domain Northside (Rock Rose District), 11420 Rock Rose Ave #100, Austin, TX 78758. We will have tables reserved inside the bar, to the right as you enter. Parking: nearest parking in the Red Garage located off of Rock Rose Ave ([map of Domain](https://domainnorthside.com/map/)). **What:** The Austin Security Professionals Happy Hour is a monthly event coordinated by the OWASP Austin Chapter and sponsored by various companies. We try to meet every second Thursday of the month from January to September (but occasionally we make schedule adjustments when needed). The event is an informal social gathering of local information security professionals. If you're involved with InfoSec or even if you have an interest, come on out for drinks, good food and conversation. **Sponsor:** [Trellix](https://www.trellix.com) *Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats to gain confidence in the protection and resilience of their security operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning, automation, and actionable real-time intelligence to empower over 40,000 customers with living security. Trellix is committed to accelerating the inclusion of all communities in the industry, bringing together talented professionals with diverse backgrounds and experiences to have a meaningful impact on the evolution of cybersecurity.*

Description: Since 4/25/24: discussions on AI and LLM's generally and the Coursera Prompt Engineering series from Vanderbilt specifically. We are now studying ChatGPT Advanced Data Analysis.... For General Study Group info, see #studygroup in OWASPAustin Slack For topic specific info, see #ai in the OWASPAustin Slack

Description: This is an In-Person OWASP Orlando Chapter Meeting Food to be provided (Typically pizza or sandwiches) Introductions More details to be provided soon! Speaker 1: **TBD** Topic: TBD Speaker 2: **TBD** Topic: TBD

Description: Thank you to everyone who joined us last month. We’ll be meeting again on Tuesday, 8/13 at Market Avenue Wine Bar to discuss and share knowledge on information/application security topics. There won’t be any dedicated speakers this time—just come ready meet others and join the conversation!

Description: Join us in-person for an exciting day of hacking a cyber range! Thanks to the folks at Security Innovation, we'll host attackers of all skill levels and background to have some fun networking and learning about the mindset, skills and methodologies used in the seemingly growing number of breaches we hear about in the news.

Description: At noon on the 2nd Wednesday of every month we host a social meeting on Zoom with mini talks and breakout rooms. The main room will always be open for social time but we plan to have 1-2 topic breakouts you can join. If the breakout session topic interests you, join that discussion. Feeling more like a casual chat and exploring other topics? Visit the main room to strike up a conversation. Suggest topics you’d like to see breakout rooms for and let us know if you’d like to sign up to lead one. Slack @ #chapter-seattle (https://bit.ly/owasp-seattle-slack) [email protected] (https://groups.google.com/a/owasp.org/g/seattle-chapter)

Description: Em agosto voltaremos com nossos encontros PRESENCIAIS, com apoio da **AZION** cedendo o espaço para nossa a comunidade, teremos um encontro presencial na sede da empresa. VAGAS **LIMITADAS** **Confira nossa agenda:** 18:30 - Credenciamento e wellcome coffee 19:00 - "Hackers a favor: Como Programas de Bug Bounty Protegem Empresas” - Raphael Estima [https://www.linkedin.com/in/raphael-e-m/](https://www.linkedin.com/in/raphael-e-m/) 19:45 - "Segurança digital no contexto da Indústria 4.0” - Marcos Rodrigues de Carvalho [https://www.linkedin.com/in/marcos-rodrigues-de-carvalho-8ab2381b7/](https://www.linkedin.com/in/marcos-rodrigues-de-carvalho-8ab2381b7/) Para este encontro iremos emitir certificado de participação, esperamos vocês na Praça Dr. Maurício Cardoso, 71 - 4º andar - Porto Alegre - RS.

Description: TBD

Description: OWASP topic TBA

Description: In this talk, we will take a hands-on look at some of the latest OWASP MAS developments, in particular the new MASWE (Mobile Application Security Weakness Enumeration). This talk will introduce the concepts of "weaknesses", "atomic tests" and "demos" that are the basis of the upcoming MASTG v2. Attendees will gain practical knowledge through detailed examples that show the journey from definition to implementation using both static and dynamic analysis techniques available in MASTG. In addition, discover the newly developed MAS test apps designed to streamline research and improve the development of robust MAS tests. Don't miss this opportunity to improve your mobile app security skills and make your apps hack-proof. Whether you're looking to bolster your defenses or learn how to uncover vulnerabilities, this session will provide you with the cutting-edge resources you need to stay ahead in mobile security!