Skip to content

Commit

Permalink
remote update file
Browse files Browse the repository at this point in the history
  • Loading branch information
@OWASPFoundation
OWASPFoundation committed Jan 21, 2025
1 parent ab06a9e commit 91ab15c
Showing 1 changed file with 33 additions and 3 deletions.
36 changes: 33 additions & 3 deletions _data/community_events.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,16 @@
"timezone": "Asia/Kolkata",
"description": "Join us for the OWASP Bhopal Chapter Meetup to explore the latest trends in Cybersecurity. Our event will focus on topics such as Computer Security, Application Security, Penetration Testing, and Web Application Security. Dive deep into discussions on Software Security and Web Technology, while staying updated on Information Security best practices.\n\nThis meetup will also include interactive sessions on Capture the Flag challenges and Machine Learning applications in cybersecurity. Whether you are a seasoned professional or a newbie in the field, this event is a great opportunity to network with fellow enthusiasts and learn from industry experts. Don't miss out on this chance to enhance your knowledge and skills in the ever-evolving realm of cybersecurity."
},
{
"group": "Bogota",
"repo": "www-chapter-bogota",
"name": "Asado Owasp Bogota - Inicio 2025",
"date": "2025-01-25",
"time": "13:30-05:00",
"link": "https://www.meetup.com/owasp-bogota-meetup-group/events/305717888",
"timezone": "America/Bogota",
"description": "Encuentro inicial para arrancar el 2025\nNetworking, beber, comer, planear lo que viene para el grupo este 2025 y hablar de Hacking.\nIncluye Carne + Papas + 2 Cervezas\nCharla de **Juan Wilches** (Pwn de un dummy para dummies)\nPara confirmar su asistencia es necesario consignar el valor de 40.000:\nNequi\n3057067139\nConserve el pantallazo de su transferencia"
},
{
"group": "Boulder",
"repo": "www-chapter-boulder",
Expand All @@ -87,7 +97,7 @@
"time": "18:00-07:00",
"link": "https://www.meetup.com/owasp-boulder/events/305589815",
"timezone": "America/Denver",
"description": "Boulder OWASP is back for 2025 and looking forward to welcoming everyone! We\u2019ll be changing our format this month to a more hands-on approach to Application Security with a Capture the Flag event. Whether you\u2019re an experienced Application Penetration Tester or brand new for the AppSec world, there will be something for everyone.\n\nOWASP Boulder\u2019s own Mark Hoopes has found a truly insecure CRM application ready to be exploited. Entry level participants can explore a poorly designed authorization system and mid-level hackers will have plenty of opportunities to run SQL and JavaScript Injection attacks. For the experts, there is even a pathway to shell, but it will take some real dedication to get there.\n\nTo ensure everyone has a good time, we'll be encouraging experienced participants to team up with those who are new to web exploitation. On top of that, a walkthrough document will be available and exploit demos will be given gradually throughout the evening.\n\nBring your own laptop with an intercepting proxy (Burp, ZAP, etc.) installed to participate as an attacker, but if you\u2019re not comfortable at that level, feel free to just bring yourself and plan to shadow, watch, and learn.\n\nInstallation instructions can be found here:\n[https://www.meristeminfosec.com/resources/boulder-ctf](https://www.meristeminfosec.com/resources/boulder-ctf)\n\nTo make sure everyone comes prepared, a Q&A session will be held on the Monday before the event at 7pm: [https://meet.google.com/ddn-zozh-ysv](https://meet.google.com/ddn-zozh-ysv)\n\nSpecial thanks to the Rule4 Team for hosting and sponsoring, we couldn't do these events without our sponsors. If you're interested in sponsoring the #1 AppSec organization and our Boulder Chapter meetings, please reach out to alex.brown@owasp.org.\n\nPlease follow us on LinkedIn: https://www.linkedin.com/company/owasp-boulder\n\nAnd join our Slack: https://join.slack.com/t/boulder-owasp/shared_invite/zt-2qnxnmmts-IQDaobNC1rcUbpaH1ip8Lg\n\n**AGENDA**\n6:00 - 6:30 Food, Drinks, Networking\n6:30 - 7:30ish CTF Time\n7:30 - 8:00 More Networking"
"description": "Reminder! Tonight, Monday, 1/20, at 7PM, we'll be hosting a virtual prep session for Wednesday's CTF. Talk to you all tonight here: [https://meet.google.com/ddn-zozh-ysv](https://meet.google.com/ddn-zozh-ysv)\n\nBoulder OWASP is back for 2025 and looking forward to welcoming everyone! We\u2019ll be changing our format this month to a more hands-on approach to Application Security with a Capture the Flag event. Whether you\u2019re an experienced Application Penetration Tester or brand new for the AppSec world, there will be something for everyone.\n\nOWASP Boulder\u2019s own Mark Hoopes has found a truly insecure CRM application ready to be exploited. Entry level participants can explore a poorly designed authorization system and mid-level hackers will have plenty of opportunities to run SQL and JavaScript Injection attacks. For the experts, there is even a pathway to shell, but it will take some real dedication to get there.\n\nTo ensure everyone has a good time, we'll be encouraging experienced participants to team up with those who are new to web exploitation. On top of that, a walkthrough document will be available and exploit demos will be given gradually throughout the evening.\n\nBring your own laptop with an intercepting proxy (Burp, ZAP, etc.) installed to participate as an attacker, but if you\u2019re not comfortable at that level, feel free to just bring yourself and plan to shadow, watch, and learn.\n\nInstallation instructions can be found here:\n[https://www.meristeminfosec.com/resources/boulder-ctf](https://www.meristeminfosec.com/resources/boulder-ctf)\n\nTo make sure everyone comes prepared, a Q&A session will be held on the Monday before the event at 7pm: [https://meet.google.com/ddn-zozh-ysv](https://meet.google.com/ddn-zozh-ysv)\n\nSpecial thanks to the Rule4 Team for hosting and sponsoring, we couldn't do these events without our sponsors. If you're interested in sponsoring the #1 AppSec organization and our Boulder Chapter meetings, please reach out to alex.brown@owasp.org.\n\nPlease follow us on LinkedIn: https://www.linkedin.com/company/owasp-boulder\n\nAnd join our Slack: https://join.slack.com/t/boulder-owasp/shared_invite/zt-2qnxnmmts-IQDaobNC1rcUbpaH1ip8Lg\n\n**AGENDA**\n6:00 - 6:30 Food, Drinks, Networking\n6:30 - 7:30ish CTF Time\n7:30 - 8:00 More Networking"
},
{
"group": "Cincinnati",
Expand Down Expand Up @@ -184,10 +194,10 @@
"repo": "www-chapter-nashville",
"name": "Secure Coding Tournament with Security Journey",
"date": "2025-01-22",
"time": "16:30-06:00",
"time": "17:00-06:00",
"link": "https://www.meetup.com/owasp-nashville-chapter/events/299885971",
"timezone": "America/Chicago",
"description": "TBD"
"description": "We'll have a coding game to play from Security Journey! Supported languages are:\n\n* Ruby\n* Python\n* Java\n* Javascript\n* C#"
},
{
"group": "Netherlands",
Expand All @@ -199,6 +209,16 @@
"timezone": "Europe/Amsterdam",
"description": "See [https://owasp.org/www-chapter-netherlands/upcomingevents](https://owasp.org/www-chapter-netherlands/upcomingevents) for more information about the OWASP Netherlands chapter.\n\n18:00 - 18:15 - **Reception of attendees**\n18:15 - 19:00 - **Pizza**\n19:00 - 19:15 - **Welcome and OWASP updates**\n19:15 - 20:00 - **The AI Who Shagged Me!** by **Ali Abdollahi**\n20.00 - 20:15 - **Break with drinks**\n20:15 - 21:00 - **Behind the Breach: Understanding and Preventing Web Vulnerabilities** by **Mitchel Koster**\n\n**The AI Who Shagged Me!**\n*Abstract:*\nIn today\u2019s ever-changing world of cybersecurity, bringing AI into red teaming exercises is an exciting way to boost how we assess our organizational defenses. This approach fits well with frameworks like TIBER, which focus on creating realistic simulations of cyber threats. It\u2019s all about making our defenses stronger and more effective! AI algorithms effectively analyze large datasets to identify emerging threats and tactics, aiding in realistic attack simulations. AI-driven tools help replicate complex attacks, providing red teams with thorough assessments of security measures. Using AI-generated anomalies enhances detection capabilities and strengthens incident response plans. However, the integration of AI into red teaming is not without challenges. This discussion aims to provide a nuanced overview of the application of AI in red teaming exercises, examining its potential benefits and limitations within established frameworks like TIBER. By critically evaluating this integration, we can better understand how to harness AI\u2019s capabilities to strengthen cybersecurity offense and defense.\n*Bio:*\nAli is a cybersecurity researcher with over 12 years of experience. Currently, he is the application and offensive security manager at Canon EMEA. He studied computer engineering, published articles, and holds several professional certificates. Ali is a Microsoft MVP and regular speaker or trainer at industry conferences and events.\n\n**Behind the Breach: Understanding and Preventing Web Vulnerabilities**\n*Abstract:*\n\u201cBehind the Breach: Understanding and Preventing Web Vulnerabilities delves into the transformation of modern web applications and architecture, showcasing how advancements in frameworks and browser technologies have revolutionized security. Yet, even with these innovations, attackers persist in uncovering and exploiting vulnerabilities. Drawing from real-world case studies across industries\u2014from agile startups to global enterprises\u2014this presentation not only demonstrates how a deeper understanding of security can thwart these threats, but also highlights how effectively conveying the potential impact of vulnerabilities is key to prioritizing security efforts.\u201d\n*Bio:*\nMitchel Koster is the Chief Security Researcher at Breachlock, where he leads the development of new security products and conducts research and engagements for high-profile clients. His work includes Red and Purple Team exercises and addressing custom security requirements across diverse sectors, including Aviation and Healthcare. With a background in computer science, embedded systems, and programming, Mitchel bridges the gap between modern software development practices and robust security measures.\n\nFor parking, there\u2019s a (paid) parking space less than 5 minutes away at the Q-Park Hermitage. ([ https://maps.app.goo.gl/XpJzhnj4BP6Kw9T88](https://maps.app.goo.gl/XpJzhnj4BP6Kw9T88) )\n\nAlso a 5 minute walk is the Zaandam station. ([ https://maps.app.goo.gl/3emKrp4ygx41SoN67](https://maps.app.goo.gl/3emKrp4ygx41SoN67) )"
},
{
"group": "Newcastle Uk",
"repo": "www-chapter-newcastle-uk",
"name": "OWASP Newcastle February 2025",
"date": "2025-02-19",
"time": "18:00Z",
"link": "https://www.meetup.com/owasp-newcastle-chapter/events/305613479",
"timezone": "Europe/London",
"description": "We're back with our first event of 2025! We\u2019ll be doing our usual two talks and pizza format.\n\nLocation: Opencast Software, Unit 2, The Kiln, Hoults Yard, Newcastle\u2011upon\u2011Tyne NE6 1AB.\nThere is free onsite registered parking. To register, attendees must enter their details into an iPad upon entering the Opencast office otherwise a parking fine may be issued.\nNeither OWASP Newcastle or Opencast can assist with or be responsible for parking issues, you do so at your own risk.\n\nRough schedule:\n\n1800 - 1815 Arrival and networking\n1815 - 1830 OWASP Newcastle Welcome\n1830 - 1915 Talk one\n1915 - 2000 Pizza and networking\n2000 - 2045 Talk two\n2045 - onwards Pub?\n\nTalk overviews:\n\nTalk one\n**Title:** Harassed by Hamas: Israel\u2019s Cyberwar\n**Speaker:** Andy Pannell\n**Speaker Bio:** Andy Pannell is an accomplished application security lead with a keen focus on safeguarding product and cloud security for a prominent mobile ride-hailing company. His expertise lies in identifying vulnerabilities, implementing robust security measures, and ensuring the integrity of critical systems.\nOutside the digital realm, Andy indulges in a passion that balances the binary code: endurance racing. Andy spends hours at racetracks, appreciating the symphony of precision engineering and adrenaline-fueled competition.\n**Talk Synopsis:** This presentation examines (in my opinion) one of the most recently overused phrases in the media \u201ccyber war\u201d, and what it actually means in reality for us cyber security practitioners.\nWe will start by examining warfare, and review previous nation states attacks that have crossed the boundary into offensive cyber operations.\nWe will then focus on October 2023 and the tactics deployed by both Hamas and the IDF during the war, from a cyber perspective. To do this we will discuss reverse engineering malware samples, API security and DDoS attacks in detail.\nLastly we will conclude by looking at what the future of cyber warfare looks like, and what we can do to best protect ourselves / our organisations in such events.\n\nTalk two\n**Title:** Scaling Security Through Collaboration: The Role of Security Champions in Modern Organisations.\n**Speaker:** Kimberley Graham\n**Speaker Bio:** Kimberley is the Manager of People-Centered Security at Sage, headquartered in Newcastle. She is responsible for promoting and championing security within Sage.\n**Talk Synopsis:** TBC\n\nThere is a capacity limit on the venue so ticket numbers for the event have been restricted so please cancel your ticket if you are unable to attend.\n\n**Live Stream Info:** We're hoping to be able to live stream the event on our [playeur channel](https://playeur.com/c/OWASPNewcastle/)"
},
{
"group": "Orange County",
"repo": "www-chapter-orange-county",
Expand Down Expand Up @@ -269,6 +289,16 @@
"timezone": "Europe/Berlin",
"description": "**AI Security & Insights into OWASP Top 10 LLM**\n\nAs artificial intelligence systems become increasingly integrated into our daily lives, the importance of securing these systems grows exponentially. This keynote introduces the core principles of AI security, highlighting the unique challenges and risks posed by large language models (LLMs). Explore the recently introduced OWASP Top 10 for LLMs\u2014a comprehensive framework that identifies the most critical vulnerabilities and provides actionable guidance for securing AI applications. We'll finish with an oversight of all the initiatives at the OWASP Top 10 LLM community.\n\n**Agenda (Subject to Change):**\n\n* **6:00 PM**: Arrival\n* **6:30 PM - 7:30 PM**: Presentation\n* **7:30 PM - approximately 9:00 PM**: Barbecue, drinks, discussion, and networking"
},
{
"group": "Switzerland",
"repo": "www-chapter-switzerland",
"name": "OWASP Switzerland Community Meetup, February 2025",
"date": "2025-02-19",
"time": "17:10+01:00",
"link": "https://www.meetup.com/owaspswitzerland/events/305296964",
"timezone": "Europe/Zurich",
"description": "Join us at the OWASP Switzerland Community Meetup to kick off the year 2025! This meetup will feature two exciting talks on application security. It\u2019s a fantastic opportunity to network with like-minded professionals, exchange ideas, and expand your knowledge in a friendly and collaborative environment.\n\n**Program:**\n**17:10** - **Doors open**: Grab a drink, meet old and new friends from the OWASP Switzerland community\n\n**17:35** - **Uninstallable by Design**: The Role of Pre-installed Apps in Android\u2019s Security Landscape - (Thomas Sutter, PhD Student @ University of Bern)\n\n**18:30** - **Coffee Break**\n\n**18:45** - **Continuous Security with DevSecOps**: How Platform Engineering Transforms Modern Application Security\u200b - (Romano Roth, Chief of DevOps / Partner @ Z\u00fchlke)\n\n**19:40 - 20:10 - Drinks, Fingerfood and Networking:** Grab a bite and chat with old and new friends\n\n**Talk details:**\n\n* **Uninstallable by Design - by Thomas Sutter**: The competitive smartphone market is keen to prevent its intellectual property from being analysed by competitors and the public. As a result, most smartphones are locked when distributed, and anti-reversing techniques are widely used. Consequently, millions of users use smartphones daily without a clear understanding of the software\u2019s functionality and purpose. To lower the bar for security researcher to analyze Android firmware, we developed a novel framework, called FirmwareDroid. In this talk, we discuss the challenges to automate the process of analyzing Android firmware and showcase how we use FirmwareDroid to analyse pre-installed Android apps in academia.\n* **Continuous Security with DevSecOps - by Romano Roth:** Security must be seamlessly integrated into every stage of the software development lifecycle. This talk explores how combining DevSecOps principles with Platform Engineering empowers teams through automation, standardized environments, and reduced complexity. Learn how these approaches transform application security into a proactive, scalable, and collaborative enabler for delivering secure, high-quality software at speed."
},
{
"group": "Tampa",
"repo": "www-chapter-tampa",
Expand Down

0 comments on commit 91ab15c

Please sign in to comment.