Skip to content

Commit

Permalink
remote update file
Browse files Browse the repository at this point in the history
  • Loading branch information
@OWASPFoundation
OWASPFoundation committed Jan 10, 2024
1 parent d4b99eb commit da9613d
Showing 1 changed file with 33 additions and 23 deletions.
56 changes: 33 additions & 23 deletions _data/community_events.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,16 @@
"timezone": "Australia/Brisbane",
"description": "Presentation details coming soon, stay tuned!"
},
{
"group": "Cairo",
"repo": "www-chapter-cairo",
"name": "Introduction to Web Applications Security - OWASP Top 10",
"date": "2024-01-13",
"time": "0:00+02:00",
"link": "https://www.meetup.com/owasp-cairo-chapter/events/298445235",
"timezone": "Africa/Cairo",
"description": "Join the OWASP Cairo Chapter for a hands-on workshop on web application security best practices. Whether you're a developer, security professional, or simply interested in learning more about securing web applications, this event is for you. Through interactive discussions and practical exercises, we'll cover topics such as secure coding practices, secure authentication and authorization, input validation, and defense against common web vulnerabilities. By the end of the workshop, you'll gain a solid understanding of web application security and be equipped with the knowledge to secure your own applications effectively.\n\nDon't miss out on this opportunity to network with like-minded professionals, exchange ideas, and learn from industry experts. All skill levels are welcome, from beginners to experienced practitioners. Bring your laptops and be ready to dive into the exciting world of web application security. Join us at the OWASP Cairo Chapter and take your web security skills to the next level."
},
{
"group": "Chennai",
"repo": "www-chapter-chennai",
Expand All @@ -99,6 +109,16 @@
"timezone": "Asia/Kolkata",
"description": "**Title**: Unveiling Vulnerabilities: Hacking Adult entertainment and dating sites\n\n**Abstract:** Explore the hidden world of cybersecurity exploits in adult entertainment and dating sites. Our presentation reveals bug bounty findings, exposing vulnerabilities like SSRF, Authentication Bypass, BAC and much more. Real-world case studies shed light on security gaps, providing insights into bug bounty challenges. Beyond exploits, gain practical strategies for stability and persistence in theme-based bug bounty hunting.\n\n**Title:** Attack Surface Management Role in Ransomware Defence\n\n**Abstract:** Amidst rising ransomware threats, this study explores Attack Surface Management (ASM) as a pivotal defense. Delving into ASM's strategies, tools, and real-world successes, it equips organizations to fortify against evolving cyber risks. Covering vulnerabilities, risk mitigation, and future trends, this research empowers proactive defense in today's dynamic threat landscape.\n\n**Registration Form**: https://forms.gle/ER4LesKYrf5ouj7J9"
},
{
"group": "Chile",
"repo": "www-chapter-chile",
"name": "\"Persona+Maquina y Ciberseguridad.\" (Podcast Piloto)",
"date": "2024-01-10",
"time": "1:00-03:00",
"link": "https://www.meetup.com/owasp-chile-meetup-group/events/298449139",
"timezone": "America/Santiago",
"description": "\u00a1Ven al episodio piloto del nuevo podcast donde analizaremos \"Ciberseguridad en escenarios de colaboraci\u00f3n Persona+Maquina\".\n\nEl objetivo es identificar oportunidades de mejora en la ciberseguridad requerida para habilitar procesos de negocio apoyados en IA.\n\nEl equipo de panelistas se compone de:\n\n* Don-ISO un asistente virtual, entrenada en procesos ISO-9000 y ciberseguridad (experimental)\n* Hugo Gonz\u00e1lez en representaci\u00f3n de la Comunidad Auditores Lideres en TI.\n* Carlos Allendes presidente de OwaspChile y dise\u00f1ador de entidades.\n\nJuntos identificaremos lo positivo, lo negativo y las oportunidades de mejora en los siguientes casos.\n\n**UserStory001: Alimentos perecibles y el servicio al cliente.**\nUn reclamo por alimentos perecibles en mal estado, se hizo en paralelo al supermercado y a la av\u00edcola, estas fueron las reacciones... buenas, malas y mejorables.\n\n**UserStory002: \u00bf Cuanto se ahorra al implementar ISO-9000 antes de ISO-27001?**\nSe analiza un dise\u00f1o de doble acreditaci\u00f3n ISO-9000 e ISO-27001, creando sinergias operativas y de procesos, permitiendo incluso reducir o diluir el costo de \"ISO-9000\" dentro del plan de ISO-27001. Y reducir los riesgos de implantaci\u00f3n de ISO-27001.\n\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\n\\*(Inscr\u00edbete y el d\u00eda de la charla recibir\u00e1s el link de conexi\u00f3n via e-mail).\n\nLos esperamos."
},
{
"group": "Colorado Springs",
"repo": "www-chapter-colorado-springs",
Expand Down Expand Up @@ -149,6 +169,16 @@
"timezone": "Asia/Dubai",
"description": "OWASP Dubai Chapter is announcing an upcoming event about \"OWASP IoT Top 10\"\nEveryday, technology gets more helpful yet more complex\nEveryday, we relay more and more on technology and software solutions\nEveryday, new cyber threats and attacks are created and activated.\nIn this session, we will discuss:\n\\- The new Era of IoT and how it is changing the daily life of people around the globe\n\\- The top 10 security risks associated with IoT and how IoT is expanding the attack surface according to OWASP guide\n\\- How to mitigate IoT associated security risks to design and build more resilient IoT products\nEvent Speaker is [Mahmoud Hussein](https://www.linkedin.com/company/90810901/admin/#), OWASP Dubai Chapter Leader.\nEvent is online and Free on Monday, 20th March 2023 @ 9:00am - 11:00am Dubai time.\nRegistration is now open on the link below\nJoin our meetup group to keep up with all updates and events.\n**#IoT** **#security** **#design** **#events** **#software** **#cybersecurity** **#technology** **#cyber** **#business** **#business** **#dubai** **#safety** **#event**"
},
{
"group": "Dubai",
"repo": "www-chapter-dubai",
"name": "[InterSec] Secure Digital Transformation in the Al Era",
"date": "2024-01-17",
"time": "5:35+04:00",
"link": "https://www.meetup.com/meetup-group-svgchist/events/298436726",
"timezone": "Asia/Dubai",
"description": "Embark on a transformative exploration at our session titled \"Secure Digital Transformation in the AI Era,\" where cutting-edge insights and strategies converge to illuminate the path towards a secure and resilient digital future.\nThis session will bring together industry leaders, cybersecurity experts, and pioneers in artificial intelligence to delve into the intricacies of navigating the evolving landscape of digital transformation while prioritizing security imperatives.\nParticipants can expect in-depth discussions on leveraging the potential of AI in transformative initiatives, while concurrently addressing the escalating challenges related to cyber threats, data privacy, and ethical considerations.\nEngage in a dynamic exchange of ideas, best practices, and case studies, as we collectively forge a roadmap to harness the benefits of digital transformation without compromising on the paramount importance of security in this AI-driven era."
},
{
"group": "Dubai",
"repo": "www-chapter-dubai",
Expand All @@ -174,10 +204,10 @@
"repo": "www-chapter-israel",
"name": "OWASP IL Meetup - February 2023",
"date": "2024-02-06",
"time": "8:30+02:00",
"time": "8:00+02:00",
"link": "https://www.meetup.com/owasp-israel/events/296831820",
"timezone": "Asia/Jerusalem",
"description": " OWASP IL happy to invite you to our upcoming Meetup!\nJoin us for another AppSec community event and enjoy food, drinks, mingling, and great talks about security.\n\nThe event will be hosted by Bright Security!\n\n=====================================================================\n\nThe agenda will be published soon.\n\n=====================================================================\n\nThis event is sponsored by Bright Security in collaboration with OWASP Israel.\n\nJoin us at the event physically as we will not include Zoom or remote participation this time."
"description": " OWASP IL happy to invite you to our upcoming Meetup!\nJoin us for another AppSec community event and enjoy food, drinks, mingling, and great talks about security.\n\nThe event will be hosted by Bright Security!\n\n=====================================================================\nAgenda:\n 18:00 - 18:30 - gathering and food - We will gather at Bright Security Offices for drinks, great treats, mingling. Safe room free zone!\n 18:30 - 18:45 - Keynote + Microphone tuning\n\n 18:45 to 19:15 - Exploring the Risks of ChatGPT and Other Generative AI Applications\n\nBar Hofesh - Co-Founder & CTO @ Bright Security\n\nThe presentation emphasizes the critical need for security in the realm of AI-generated code, spotlighting common vulnerabilities. It presents the three main avenues of attack against Large Language Models (LLMs): direct attacks on the LLMs themselves, compromises in the infrastructure and integrations, and weaknesses in applications. The presentation offers in-depth examples, particularly focusing on \"social engineering\" methods, to illustrate the techniques and consequences of these security breaches.\n\n 19:15 to 19:45 - Top 5 Open Source Tools All Developers Should Know About!\n\nRaz Probstein - Solution Engineer @ Jit\n\nThe Minimum Viable Security (MVS) approach simplifies the integration of security measures into config files, apps, and CI/CD processes using open source tools. This talk focuses on incorporating five key security controls into the CI/CD pipeline, utilizing tools like Bandit, Gitleaks, OSV-Scanner, KICS, and OWASP\u2019s ZAP. These controls, along with custom measures for enforcing Multi-Factor Authentication via Github Security, establish a foundational security framework from the initial code, allowing continuous improvement as applications evolve over time. Code examples and demos will be presented in the session.\n\n 19:45 - 20:15 - Recent Supply Chain Code Attacks\n\nYoad Fekete - Co-Founder & CEO @ Myrror Security\n\nJoin us for a deep-dive into the world of recent software supply chain attacks and how to defend against them.\nIn this lecture, we will discuss the difference between a supply chain attack and a vulnerability, and explore why there has been a significant increase in these types of attacks in the past couple of years.\nWe will showcase various vectors for these attacks with recent attacks examples.\nThe highlight? A technical demo of an attack, similar to the UA-Parser/Ledger Connect kit malicious package attacks.\n\n=====================================================================\n\nThis event is sponsored by Bright Security in collaboration with OWASP Israel.\n\nJoin us at the event physically as we will not include Zoom or remote participation this time."
},
{
"group": "Ljubljana",
Expand Down Expand Up @@ -207,7 +237,7 @@
"time": "7:30-08:00",
"link": "https://www.meetup.com/owasp-los-angeles/events/297383153",
"timezone": "America/Los_Angeles",
"description": "**TOPIC**: Privacy by Design for Web Developers\nJoin us for great networking, dinner and drinks, and see a presentation by **Miguel (Mike) O. Villegas**, President and Founder of iSecurePrivacy, LLC.\n\n**ABSTRACT**: In today's digital landscape, the protection of user privacy has become a paramount concern. As web developers, it is our responsibility to ensure that the websites and applications we create not only deliver exceptional user experiences but also prioritize the privacy and security of user data. This lecture, \"Privacy by Design for Web Developers,\" explores the foundational principles and practical strategies that empower web developers to integrate privacy into every facet of their work.\nIn this lecture, we will delve into the concept of Privacy by Design (PbD) and its significance in the context of web development. We will examine how PbD serves as a proactive approach to safeguarding user data, fostering trust, and complying with evolving privacy regulations such as the GDPR and CCPA/CPRA.\n\n**SPONSORSHIP Opportunities Available**\n*Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org*\n\n**CODE OF CONDUCT**\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:\n[https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy](https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy)"
"description": "**TOPIC**: Privacy by Design for Web Developers\nIn partnership with **CSA So Cal Chapter**, join us for great networking, dinner and drinks, and see a presentation by **Miguel (Mike) O. Villegas**, President and Founder of iSecurePrivacy, LLC.\n\n**ABSTRACT**: In today's digital landscape, the protection of user privacy has become a paramount concern. As web developers, it is our responsibility to ensure that the websites and applications we create not only deliver exceptional user experiences but also prioritize the privacy and security of user data. This lecture, \"Privacy by Design for Web Developers,\" explores the foundational principles and practical strategies that empower web developers to integrate privacy into every facet of their work.\nIn this lecture, we will delve into the concept of Privacy by Design (PbD) and its significance in the context of web development. We will examine how PbD serves as a proactive approach to safeguarding user data, fostering trust, and complying with evolving privacy regulations such as the GDPR and CCPA/CPRA.\n\n**SPONSORSHIP Opportunities Available**\n*Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org*\n\n**CODE OF CONDUCT**\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:\n[https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy](https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy)"
},
{
"group": "Manchester",
Expand Down Expand Up @@ -289,16 +319,6 @@
"timezone": "America/Los_Angeles",
"description": "*Hacking a SaaS: A Practical Guide to Understanding Attackers and Defending Against Them*\n\nIn this talk, we will delve into the mindset of an attacker and explore the vulnerabilities they exploit in SaaS systems. We will cover the following topics:\n\n* What motivates hackers to target SaaS systems (5%)\n* How hackers conduct reconnaissance on SaaS systems (50%)\n* The anatomy of exploit chains (40%)\n* Strategies for defending against attacks (5%)\n\nOur goal is to provide a practical guide to understanding attackers and defending against them. We will share lots of hacker tips and tricks, and provide plenty of quiz moments to train your intuition. Our focus will be on vulnerabilities that hackers actually care about, rather than theoretical ones. All of our examples will be based on real-world exploit chains, and we will explore multiple vulnerabilities chained together to create media-news-headline-worthy outcomes. By the end of this talk, you will have a better understanding of how attackers think and operate, and you will be better equipped to defend against their attacks.\n\nOur January host and sponsor is Solutional Inc, and the talk will take place in their Portland office at 301 SE 2nd Ave.\n\nPlease RSVP here if you are planning to attend.\n\nThis is a monthly event of OWASP's Portland chapter."
},
{
"group": "Riyadh",
"repo": "www-chapter-riyadh",
"name": "Exploiting Windows Architecture",
"date": "2024-01-09",
"time": "9:30+03:00",
"link": "https://www.meetup.com/owasp-riyadh-meetup-group/events/298401481",
"timezone": "Asia/Riyadh",
"description": "**Topics covered:**\n\nWindows privilege escalation refers to the process of gaining higher levels of access or control on a Windows system than what is initially granted to a user or application. This is often exploited by attackers or security researchers to elevate their privileges and access sensitive resources or execute privileged operations. Privilege escalation can occur through various vulnerabilities or misconfigurations in the Windows operating system."
},
{
"group": "Salt Lake City",
"repo": "www-chapter-salt-lake-city",
Expand Down Expand Up @@ -328,15 +348,5 @@
"link": "https://www.meetup.com/owasp-stockholm/events/297944649",
"timezone": "Europe/Stockholm",
"description": "Artificial Intelligence is reshaping nearly every sector and will influence our society in ways that we are only now starting to comprehend. Rapid evolvement of tools, methods, and novel approaches is prompting businesses to swiftly adopt fresh solutions to harness the potential of this emerging paradigm. However, as new technologies, methodologies, and work practices are introduced, hackers also adapt and innovate, always staying one step ahead.\nThis session led by cybersecurity specialist Krister Hedfors will explore the techniques that hackers use to leverage, manipulate, and exploit GenAI systems, such as ChatGPT and Code Llama. He will also give an introduction to OWASP top 10 list for Large Language Models (LLM).\n\nThe meeting will start with a mingle at 18:00, the main presentation beginning (with online attendees) at 18:30"
},
{
"group": "Security Integration System",
"repo": "www-project-security-integration-system",
"name": "Exploiting Windows Architecture",
"date": "2024-01-09",
"time": "9:30+03:00",
"link": "https://www.meetup.com/owasp-riyadh-meetup-group/events/298401481",
"timezone": "Asia/Riyadh",
"description": "**Topics covered:**\n\nWindows privilege escalation refers to the process of gaining higher levels of access or control on a Windows system than what is initially granted to a user or application. This is often exploited by attackers or security researchers to elevate their privileges and access sensitive resources or execute privileged operations. Privilege escalation can occur through various vulnerabilities or misconfigurations in the Windows operating system."
}
]

0 comments on commit da9613d

Please sign in to comment.