Skip to content

Commit

Permalink
remote update file
Browse files Browse the repository at this point in the history
  • Loading branch information
@OWASPFoundation
OWASPFoundation committed Nov 12, 2024
1 parent 1b71933 commit eb7feaf
Showing 1 changed file with 31 additions and 1 deletion.
32 changes: 31 additions & 1 deletion _data/community_events.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"time": "17:30-08:00",
"link": "https://www.meetup.com/bay-area-owasp/events/304430938",
"timezone": "America/Los_Angeles",
"description": "Join us for Bay Area OWASP's upcoming event, Great talks, delicious food Courtesy our sponsors Endor Labs. Get ready for insightful discussions and the chance to network with some of the brightest minds in the industry.\n\n**Agenda:**\n5:30 - 6:00: Doors open, networking and food\n6:00 - 6:45: **Start Clean with AI: Select Safer LLMs**\n6:45 - 7:30: **AI && Patterns for SAST Automation.**\n\n**Talk#1 Start Clean with AI: Select Safer LLMs**\nThis talk will cover practical information that every developer that works with AI and AI models needs to be aware of. AI models have both similarities as well as important differences than OSS package dependencies. We will discuss ways that AI models can introduce both operational and security risk, and practical ways of managing this risk. As well as cover why it is really difficult to gain visibility into an AI model and some nascent industry efforts to address the problem.\n\n**Speaker:- George Apostolopoulos - Endor Labs Engineering**\n20+ years of experience in building and delivering networking and security products with emphasis on innovation. 6+ years of hands-on experience in large scale security analytics and machine learning for cybersecurity including a key role in one of the first machine learning based security products in the market.\n\nTalk#2 **AI && Patterns for SAST Automation.**\nDescription:- TBD\n\nSpeaker: Bogdan Barchuk, SSCP. CISP. CISM. OSCP. OSCE.. OSCW. WAPT. CREST and OSWE. Bogdan is a seasoned pentester with keen interest in Offesive security"
"description": "Join us for Bay Area OWASP's upcoming event, Great talks, delicious food Courtesy our sponsors Endor Labs. Get ready for insightful discussions and the chance to network with some of the brightest minds in the industry.\n\n**Agenda:**\n5:30 - 6:00: Doors open, networking and food\n6:00 - 6:45: **Start Clean with AI: Select Safer LLMs**\n6:45 - 7:30: **AI && Patterns for SAST Automation.**\n\n**Talk#1 Start Clean with AI: Select Safer LLMs**\nThis talk will cover practical information that every developer that works with AI and AI models needs to be aware of. AI models have both similarities as well as important differences than OSS package dependencies. We will discuss ways that AI models can introduce both operational and security risk, and practical ways of managing this risk. As well as cover why it is really difficult to gain visibility into an AI model and some nascent industry efforts to address the problem.\n\n**Speaker:- George Apostolopoulos - Endor Labs Engineering**\n20+ years of experience in building and delivering networking and security products with emphasis on innovation. 6+ years of hands-on experience in large scale security analytics and machine learning for cybersecurity including a key role in one of the first machine learning based security products in the market.\n\nTalk#2 **AI && Patterns for SAST Automation.**\nDescription: Whether you're building a security toolkit or looking to enhance an existing SAST implementation, this session will provide actionable strategies for integrating AI to bolster your static code analysis, streamline your workflows, and catch vulnerabilities before they become exploits.\n\nSpeaker: Bogdan Barchuk, SSCP. CISP. CISM. OSCP. OSCE.. OSCW. WAPT. CREST and OSWE. Bogdan is a seasoned pentester with keen interest in Offesive security"
},
{
"group": "Belgium",
Expand Down Expand Up @@ -259,6 +259,26 @@
"timezone": "America/New_York",
"description": "This is an In-Person OWASP Orlando Chapter Meeting\n\nFood to be provided (Typically pizza or sandwiches)\n\nIntroductions\n\nMore details to be provided soon!\n\nSpeaker 1: **Tony Turner**\nTopic: Five Elements of Trust - Tony with present on 5 elements of trustworthy software, useful in establishing software and technology assurance in your supply chains.\n\nSpeaker 2: **TBD**\nTopic: TBD"
},
{
"group": "Oslo",
"repo": "www-chapter-oslo",
"name": "Bug Bounty Bonanza",
"date": "2024-11-27",
"time": "17:30+01:00",
"link": "https://www.meetup.com/owasp-oslo/events/304502608",
"timezone": "Europe/Oslo",
"description": "Velkommen til OWASP temakveld om bug bounty! Finnerl\u00f8nn for s\u00e5rbarheter burde v\u00e6rt obligatorisk for viktige publikumsl\u00f8sninger p\u00e5 internett, men i Norge er det unntaket heller enn regelen. Vi har gleden av \u00e5 invitere til to erfaringsforedrag om innf\u00f8ring og drift av bug bounty-programmer, og et foredrag om hvordan det er \u00e5 delta som tester.\n\nDet serveres mat kl 17:30, og foredragene starter kl 18:00. Vi vil ha tid til sp\u00f8rsm\u00e5l og diskusjoner.\n\nTemakvelden arrangeres i SpareBank 1 Utviklings m\u00f8teromssenter. Vi ber om at dere oppgir telefonnummer under p\u00e5melding, s\u00e5 vi kan forh\u00e5ndsregistrere dere som bes\u00f8kende.\n\n**Sett skuddpremie p\u00e5 s\u00e5rbarhetene dine - Jon Are Rakv\u00e5g, SpareBank 1 Utvikling**\n\nSpareBank 1 Utvikling lager nettbank, og vi gj\u00f8r alt vi kan for \u00e5 gj\u00f8re den sikker. Likevel var vi overbevist om at vi hadde s\u00e5rbarheter vi ikke hadde funnet enn\u00e5. Det stemte!\n\nLa oss snakke om hva SpareBank 1 l\u00e6rte av \u00e5 innf\u00f8re finnerl\u00f8nn for s\u00e5rbarheter, og hvorfor du er spr\u00f8 om du ikke gj\u00f8r det samme. Hva gj\u00f8r bug bounties unikt, og hvordan reddet det rumpa til foredragsholderen?\n\n30 min\n\n**FINN.no's Secret Sauce: how we went from finding 15 vulnerabilities to over 100 per year! - Emil Vaagland, FINN.no**\n\nSince 2019 FINN.no has tried a lot of different appsec tools and processes to improve our security. In this talk you will learn about the most effective of them all, namely our private bug bounty program. In terms of finding real vulnerabilities, this activity outshines any other appsec tool or process by a large margin, it enables us to find a lot more vulnerabilities than before at a fraction of the cost of traditional pen-testing. We will talk about how to run an effective bug bounty program and why it should be the key ingredient of your appsec program. We will also show-case some high impact vulnerability reports we have received to show the real impact you can get from a bug bounty program.\n\n20-30 min\n\n**S\u00e5rbarheter som hobby - Joakim Harbitz**\n\n\u00c5 jakte etter s\u00e5rbarheter kan v\u00e6re b\u00e5de spennende og utfordrende, men hvordan starter man egentlig?\n\nJoakim er pentester p\u00e5 dagtid og en dedikert bug bounty hunter p\u00e5 kveldstid. I dette foredraget deler han sine beste tips og triks for \u00e5 komme i gang, og hvordan man utvikler et tankesett som \u00f8ker sjansene for \u00e5 finne den neste s\u00e5rbarheten.\n\nEnten du er nybegynner eller har litt erfaring, vil dette foredraget gi deg innsikt i hvordan du kan skille deg ut i en konkurransepreget arena. Hvordan sm\u00e5 detaljer kan avsl\u00f8re store muligheter og lede deg til s\u00e5rbarheter ingen andre ser.\n\n20-30 min"
},
{
"group": "Ottawa",
"repo": "www-chapter-ottawa",
"name": "OWASPOttawa November 20th 2024: DevSecOps Worst Practices/The OWASP Top 10 Intro",
"date": "2024-11-20",
"time": "18:00-05:00",
"link": "https://www.meetup.com/owasp-ottawa/events/304507525",
"timezone": "America/Toronto",
"description": "**Welcome to our in-Person Meetup at the University of Ottawa**\n\nIn-Person Location:\n150 Louis-Pasteur Private, Ottawa,\nUniversity of Ottawa\nRoom 117\n\nWe will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you\u2019ll get a notification as soon as we go live!\n\n**YouTube Live Stream Link**: TBA\n\n**6:00 PM EST** Arrival, setup, mingle, PIZZA!!!\n\n**6:30 PM EST** Technical Talks\n\n1. Introduction to OWASP Ottawa, Public Announcements.\n2. **A Brief Overview of the OWASP Top 10 with Gabriel Kronfeld.**\n3. **DevSecOps Worst Practices with Tanya Janca.**\n\n**Abstract:**\n*A Brief Overview of the OWASP Top 10 with Gabriel Kronfeld.*\nThe OWASP Top 10 reveals the most critical security vulnerabilities facing modern web applications. This talk will walk attendees through each item on the 2021 list, from broken access control to server-side request forgery. Each vulnerability is explored in detail\u2014understanding how it works, why it\u2019s dangerous, and what\u2019s needed to prevent it. With real examples to bring these threats to life, this session is an accessible introduction for beginners and a useful refresher for seasoned practitioners.\nJoin us to get a solid foundation in web security essentials.\n\n*DevSecOps Worst Practices with Tanya Janca.*\nQuite often when we read best practices we are told \u2018what\u2019 to do, but not the \u2018why\u2019. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all \u2018best practices\u2019 make sense on first blush. Let\u2019s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.\n\n**Speakers:**\n**Gabriel Kronfeld** is a graduate from the University of Ottawa with a degree in Computer Engineering. With experience spanning backend programming, DevOps, system administration, and database management, Gabriel has collaborated with various Ottawa-based companies on technical projects. Although new to cybersecurity, he brings a strong technical foundation and is keen to expand his knowledge in this field. Outside of work, Gabriel enjoys cycling, photography, and building drones as hands-on hobbies.\n\n**Tanya Janca**, aka SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Secure Coding', 'Alice and Bob Learn Application Security\u2019 and \u2018Cards Against AppSec'. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently leads education and community for Semgrep."
},
{
"group": "Peterborough",
"repo": "www-chapter-peterborough",
Expand All @@ -279,6 +299,16 @@
"timezone": "America/New_York",
"description": "Last Call!! Woah has it been (almost) a year?! You'd forgive me if I am confused while we experience May weather in November. Anyhow, this will in fact be our last in person meeting for the good year 2024. Please join us for comradery, security, and our final speaker - Mike Briley! There's been quite a buzz (not an OWASP joke) around this one since we announced it way back in September. Close down the year with us with this engaging speaker. Lite refreshments will be served.\n\nThis talk will explore many elements of the cyber insurance industry. Security controls have failed, leading to a system compromise. So now what?! He will discuss what a cyber policy covers and how the process unfolds while taking a deep dive into a real-life claims example."
},
{
"group": "Seattle",
"repo": "www-chapter-seattle",
"name": "Security Social Lunch Hours",
"date": "2024-12-11",
"time": "12:00-08:00",
"link": "https://www.meetup.com/owasp-seattle-chapter/events/300539102",
"timezone": "America/Los_Angeles",
"description": "At noon on the 2nd Wednesday of every month we host a social meeting on Zoom with mini talks and breakout rooms. The main room will always be open for social time but we plan to have 1-2 topic breakouts you can join. If the breakout session topic interests you, join that discussion. Feeling more like a casual chat and exploring other topics? Visit the main room to strike up a conversation.\n\nSuggest topics you\u2019d like to see breakout rooms for and let us know if you\u2019d like to sign up to lead one.\n\nSlack @ #chapter-seattle (https://bit.ly/owasp-seattle-slack)\n\nseattle-chapter@owasp.org (https://groups.google.com/a/owasp.org/g/seattle-chapter)"
},
{
"group": "Seattle",
"repo": "www-chapter-seattle",
Expand Down

0 comments on commit eb7feaf

Please sign in to comment.