From 488b4a289ae863a32597ac3cc3c6447f47ec8c7b Mon Sep 17 00:00:00 2001 From: OWASP Foundation Date: Mon, 25 Nov 2024 00:04:01 -0500 Subject: [PATCH] remote update file --- _data/community_events.json | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/_data/community_events.json b/_data/community_events.json index 9852714ad..572f3e5e2 100644 --- a/_data/community_events.json +++ b/_data/community_events.json @@ -187,7 +187,17 @@ "time": "18:00Z", "link": "https://www.meetup.com/owasp-london/events/304531909", "timezone": "Europe/London", - "description": "**This event is kindly hosted by Civo Tech Junction and sponsored by Security Compass. There is limited seating available for in-person attendees. Registration required.**\n\n**This event will be live-streamed on YouTube. Watch the live-stream here: [https://youtube.com/live/MhQhKa38Ea4](https://youtube.com/live/MhQhKa38Ea4)**\n\n**Recordings will be available on the OWASP London YouTube channel.**\n\n**Venue Location**: Civo Tech Junction, First Floor, 32-37 Cowper Street, London, EC2A 4AW\n**Nearest Tube:** Old Street (Northern Line), Cowper Street exit - 1 min walk\n**Doors Open at 6pm** for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).\n\n**TALKS:**\n\n**OWASP Introduction, Welcome and News** \\- Sam Stepanyan\\, Andra Lezza\\, Sherif Mansour \\- OWASP London Chapter Leaders\n\n**\"Security by Design, Not Injection\"** \u2013 Trevor Young\n\nSecurity by Design encompasses a variety of processes and technologies aimed at embedding security and compliance early in the development lifecycle. We know adopting Security by Design culture and processes can lower risk by preventing vulnerabilities in software, however effectively educating and shifting teams to implement these changes is notoriously difficult. It is a paradigm shift for most organizations, and many of them fail on their first attempt before finding\nsomething that works for them. This discussion will highlight how to explain what Security by Design is and will present strategies for communicating the importance and value it delivers.\n\n**\"OWASP Depscan v6 - The SCA Tool For Agile Builders, Creators, And Doers\"** \\- Prabhu Subramanian\n\nMost SCA tools can be best described as simple SBOM scanners with a backing vulnerability database. This naive design can lead to numerous false positive alerts due to a lack of comprehensive context. To accurately assess an application's security posture, it's crucial to consider its entire lifecycle, from pre-build to post-build, and capture the full-stack information in the form of SBOM, SaaSBOM, CBOM, OBOM etc.\nOWASP depscan v6 is a groundbreaking SCA tool that addresses these limitations by leveraging full-stack information. This innovative approach enables more precise vulnerability triage and prioritization, empowering developers to take informed action.\nJoin us to meet the project leader behind depscan v6, explore live demos, and delve into the technical intricacies of an xBOM-based SCA tool.\n\n**Guest Talk: TBC**\n\n**RAFFLE - win a prize kindly donated by our sponsors!**\n\n**SPEAKERS:**\n\n**Trevor Young**\n\nTrevor Young is an entrepreneurial product and technology leader who stays on top of the latest in design, architecture, and creative technologies. Having founded and led companies providing digital offerings, he uncovered his passion for collaborative problem solving, and innovation.He excels at finding inefficiencies in digital markets and disrupting them.\nTrevor combines strategic leadership with technical ability, formed from experience in a broad background of practical applications. Trevor currently serves as Chief Product Officer at Security Compass, where heleads product strategy for the company's Secure by Design platform, and Application Security Training library.\n\n**Prabhu Subramanian (@_prbh)**\n\nPrabhu Subramanian is a distinguished security expert and active contributor to the open-source security community. Prabhu is the author and OWASP Leader behind projects such as OWASP CycloneDX Generator (cdxgen) and OWASP depscan. He specializes in Supply Chain Security and offers consultancy to global clients via his company, AppThreat Ltd.\n\n**TICKETS:**\n\nOWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security.\n\n**CODE OF CONDUCT:**\n\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: [https://owasp.org/www-policy/operational/code-of-conduct](https://owasp.org/www-policy/operational/code-of-conduct)" + "description": "**This event is kindly hosted by Civo Tech Junction and sponsored by Security Compass. There is limited seating available for in-person attendees. Registration required.**\n\n**This event will be live-streamed on YouTube. Watch the live-stream here: [https://youtube.com/live/MhQhKa38Ea4](https://youtube.com/live/MhQhKa38Ea4)**\n\n**Recordings will be available on the OWASP London YouTube channel.**\n\n**Venue Location**: Civo Tech Junction, First Floor, 32-37 Cowper Street, London, EC2A 4AW\n**Nearest Tube:** Old Street (Northern Line), Cowper Street exit - 1 min walk\n**Doors Open at 6pm** for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).\n\n**TALKS:**\n\n**OWASP Introduction, Welcome and News** \\- Sam Stepanyan\\, Andra Lezza\\, Sherif Mansour \\- OWASP London Chapter Leaders\n\n**\"Security by Design, Not Injection\"** \u2013 Trevor Young\n\nSecurity by Design encompasses a variety of processes and technologies aimed at embedding security and compliance early in the development lifecycle. We know adopting Security by Design culture and processes can lower risk by preventing vulnerabilities in software, however effectively educating and shifting teams to implement these changes is notoriously difficult. It is a paradigm shift for most organizations, and many of them fail on their first attempt before finding\nsomething that works for them. This discussion will highlight how to explain what Security by Design is and will present strategies for communicating the importance and value it delivers.\n\n**\"OWASP Depscan v6 - The SCA Tool For Agile Builders, Creators, And Doers\"** \\- Prabhu Subramanian\n\nMost SCA tools can be best described as simple SBOM scanners with a backing vulnerability database. This naive design can lead to numerous false positive alerts due to a lack of comprehensive context. To accurately assess an application's security posture, it's crucial to consider its entire lifecycle, from pre-build to post-build, and capture the full-stack information in the form of SBOM, SaaSBOM, CBOM, OBOM etc.\nOWASP depscan v6 is a groundbreaking SCA tool that addresses these limitations by leveraging full-stack information. This innovative approach enables more precise vulnerability triage and prioritization, empowering developers to take informed action.\nJoin us to meet the project leader behind depscan v6, explore live demos, and delve into the technical intricacies of an xBOM-based SCA tool.\n\n**\"I know what you did last summer\"** \\- Shruti Kulkarni\nLearn how cookies and client side storage may impact privacy of end users\n\n**RAFFLE - win a prize kindly donated by our sponsors!**\n\n**SPEAKERS:**\n\n**Trevor Young**\n\nTrevor Young is an entrepreneurial product and technology leader who stays on top of the latest in design, architecture, and creative technologies. Having founded and led companies providing digital offerings, he uncovered his passion for collaborative problem solving, and innovation.He excels at finding inefficiencies in digital markets and disrupting them.\nTrevor combines strategic leadership with technical ability, formed from experience in a broad background of practical applications. Trevor currently serves as Chief Product Officer at Security Compass, where heleads product strategy for the company's Secure by Design platform, and Application Security Training library.\n\n**Prabhu Subramanian (@_prbh)**\n\nPrabhu Subramanian is a distinguished security expert and active contributor to the open-source security community. Prabhu is the author and OWASP Leader behind projects such as OWASP CycloneDX Generator (cdxgen) and OWASP depscan. He specializes in Supply Chain Security and offers consultancy to global clients via his company, AppThreat Ltd.\n\n**Shruti Kulkarni (@[shruti-s-kulkarni](https://github.com/shruti-s-kulkarni))**\n\nShruti is a cyber security / enterprise security architect with experience in ISO27001, PCI-DSS, policies, standards, security tools, threat modelling, risk assessments. Shruti works on security strategies and collaborates with cross-functional groups to implement information security controls in software development life-cycle, service operations, service delivery such that security controls support business requirements.\n\n**TICKETS:**\n\nOWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security.\n\n**CODE OF CONDUCT:**\n\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: [https://owasp.org/www-policy/operational/code-of-conduct](https://owasp.org/www-policy/operational/code-of-conduct)" + }, + { + "group": "Los Angeles", + "repo": "www-chapter-los-angeles", + "name": "OWASP LA Monthly [VIRTUAL] Meeting - DEC 12, 2024", + "date": "2024-12-12", + "time": "11:30-08:00", + "link": "https://www.meetup.com/owasp-los-angeles/events/304689555", + "timezone": "America/Los_Angeles", + "description": "/\\*\\* VIRTUAL \\*\\*/\n**TOPIC**: AI and OWASP \u2013 a guide to Artificial Intelligence for security professionals\nJoin us for our last meeting of 2024 for an amazing talk by **Rob van der Veer**\\, founder of OWASP AI Exchange\\, a pioneer and veteran in AI\\, security\\, and software engineering \\| Senior principal expert at SIG\\.\n\n**ABSTRACT**:\nOWASP is on the forefront of AI security, with the AI Exchange directly contributing to international standards and the LLM top 10 gaining broad adoption. Let\u2019s go over these OWASP projects to see what they offer, and what is important for you as security professional when it comes to protecting and red teaming AI systems.\n\n**SPONSORSHIP Opportunities Available**\n*Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org*\n\n**CODE OF CONDUCT**\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:\n[https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy](https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy)\n\n**SPONSORSHIP Opportunities Available**\n*Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org*" }, { "group": "Minneapolis St Paul",