From 7f41046d9a2f7ed35ed3473735e6ffdd44518377 Mon Sep 17 00:00:00 2001 From: OWASP Foundation Date: Sat, 13 Jan 2024 23:04:31 -0600 Subject: [PATCH] remote update file --- _data/community_events.json | 30 ++++++++++-------------------- 1 file changed, 10 insertions(+), 20 deletions(-) diff --git a/_data/community_events.json b/_data/community_events.json index bac7932a97..d64fca0648 100644 --- a/_data/community_events.json +++ b/_data/community_events.json @@ -79,16 +79,6 @@ "timezone": "Australia/Brisbane", "description": "Presentation details coming soon, stay tuned!" }, - { - "group": "Cairo", - "repo": "www-chapter-cairo", - "name": "Introduction to Web Applications Security - OWASP Top 10", - "date": "2024-01-13", - "time": "0:00+02:00", - "link": "https://www.meetup.com/owasp-cairo-chapter/events/298445235", - "timezone": "Africa/Cairo", - "description": "Join the OWASP Cairo Chapter for a hands-on workshop on web application security best practices. Whether you're a developer, security professional, or simply interested in learning more about securing web applications, this event is for you. Through interactive discussions and practical exercises, we'll cover topics such as secure coding practices, secure authentication and authorization, input validation, and defense against common web vulnerabilities. By the end of the workshop, you'll gain a solid understanding of web application security and be equipped with the knowledge to secure your own applications effectively.\n\nDon't miss out on this opportunity to network with like-minded professionals, exchange ideas, and learn from industry experts. All skill levels are welcome, from beginners to experienced practitioners. Bring your laptops and be ready to dive into the exciting world of web application security. Join us at the OWASP Cairo Chapter and take your web security skills to the next level." - }, { "group": "Chennai", "repo": "www-chapter-chennai", @@ -99,16 +89,6 @@ "timezone": "Asia/Kolkata", "description": "**Title**: Unveiling Vulnerabilities: Hacking Adult entertainment and dating sites\n\n**Abstract:** Explore the hidden world of cybersecurity exploits in adult entertainment and dating sites. Our presentation reveals bug bounty findings, exposing vulnerabilities like SSRF, Authentication Bypass, BAC and much more. Real-world case studies shed light on security gaps, providing insights into bug bounty challenges. Beyond exploits, gain practical strategies for stability and persistence in theme-based bug bounty hunting.\n\n**Title:** Attack Surface Management Role in Ransomware Defence\n\n**Abstract:** Amidst rising ransomware threats, this study explores Attack Surface Management (ASM) as a pivotal defense. Delving into ASM's strategies, tools, and real-world successes, it equips organizations to fortify against evolving cyber risks. Covering vulnerabilities, risk mitigation, and future trends, this research empowers proactive defense in today's dynamic threat landscape.\n\n**Registration Form**: https://forms.gle/ER4LesKYrf5ouj7J9" }, - { - "group": "Colorado Springs", - "repo": "www-chapter-colorado-springs", - "name": "OWASP CoS January 2024 - SPECIAL EVENT HANDS-ON LAB", - "date": "2024-01-13", - "time": "0:00-07:00", - "link": "https://www.meetup.com/owasp-colorado-springs-meetup/events/297982531", - "timezone": "America/Denver", - "description": "**HANDS-ON LAB**: James Smith will lead us in creating a hands-on web application security testing lab\n\n**Bring your own laptop**; hardware requirements:\n\\- Intel chipset \\(no ARM\\, no Mac silicon\\)\n\\- 60GB free diskspace\n\\- Administrator account access \\(to install virtualization software\\)\n\nCoffee / donuts / pizza provided\n\nLocation: National Cyber Center (NCC):\n\nhttps://cyber-center.org/" - }, { "group": "Columbus", "repo": "www-chapter-columbus", @@ -199,6 +179,16 @@ "timezone": "Asia/Jerusalem", "description": " OWASP IL happy to invite you to our upcoming Meetup!\nJoin us for another AppSec community event and enjoy food, drinks, mingling, and great talks about security.\n\nThe event will be hosted by Bright Security!\n\n=====================================================================\nAgenda:\n 18:00 - 18:30 - gathering and food - We will gather at Bright Security Offices for drinks, great treats, mingling. Safe room free zone!\n 18:30 - 18:45 - Keynote + Microphone tuning\n\n 18:45 to 19:15 - Exploring the Risks of ChatGPT and Other Generative AI Applications\n\nBar Hofesh - Co-Founder & CTO @ Bright Security\n\nThe presentation emphasizes the critical need for security in the realm of AI-generated code, spotlighting common vulnerabilities. It presents the three main avenues of attack against Large Language Models (LLMs): direct attacks on the LLMs themselves, compromises in the infrastructure and integrations, and weaknesses in applications. The presentation offers in-depth examples, particularly focusing on \"social engineering\" methods, to illustrate the techniques and consequences of these security breaches.\n\n 19:15 to 19:45 - Top 5 Open Source Tools All Developers Should Know About!\n\nRaz Probstein - Solution Engineer @ Jit\n\nThe Minimum Viable Security (MVS) approach simplifies the integration of security measures into config files, apps, and CI/CD processes using open source tools. This talk focuses on incorporating five key security controls into the CI/CD pipeline, utilizing tools like Bandit, Gitleaks, OSV-Scanner, KICS, and OWASP\u2019s ZAP. These controls, along with custom measures for enforcing Multi-Factor Authentication via Github Security, establish a foundational security framework from the initial code, allowing continuous improvement as applications evolve over time. Code examples and demos will be presented in the session.\n\n 19:45 - 20:15 - Recent Supply Chain Code Attacks\n\nYoad Fekete - Co-Founder & CEO @ Myrror Security\n\nJoin us for a deep-dive into the world of recent software supply chain attacks and how to defend against them.\nIn this lecture, we will discuss the difference between a supply chain attack and a vulnerability, and explore why there has been a significant increase in these types of attacks in the past couple of years.\nWe will showcase various vectors for these attacks with recent attacks examples.\nThe highlight? A technical demo of an attack, similar to the UA-Parser/Ledger Connect kit malicious package attacks.\n\n=====================================================================\n\nThis event is sponsored by Bright Security in collaboration with OWASP Israel.\n\nJoin us at the event physically as we will not include Zoom or remote participation this time." }, + { + "group": "Jacksonville", + "repo": "www-chapter-jacksonville", + "name": "OWASP Monthly meeting ", + "date": "2024-02-12", + "time": "8:45-05:00", + "link": "https://www.meetup.com/owasp-jacksonville-chapter/events/298399889", + "timezone": "America/New_York", + "description": "The OWASP Foundation came online on December 1st, 2001 it was established as a not-for-profit charitable organization in the United States on April 21, 2004, to ensure the ongoing availability and support for our work at OWASP. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org." + }, { "group": "Los Angeles", "repo": "www-chapter-los-angeles",